About role endpoints configuration - Security Center 5.12

Security Center Administrator Guide 5.12

Product: Security Center
Content type: Guides > Administrator guides
Version: 5.12
Language: English
Last updated: 2024-09-13

To configure your external identity provider, you need the redirect and logout endpoints. All clients that use single sign-on must be able to reach these URIs.

If you configure role failover for the Directory, Mobile Server, Web Client Server, or Web App Server roles, each additional server needs separate redirect and logout URIs.

The following table lists the compatible clients for different URIs:

| URIs | Compatible clients | Default web address |
|------|--------------------|---------------------|
| /genetec | SDK, Config Tool, and Security Desk | - |
| <Mobile>OpenId | Genetec™ Mobile | Mobile |
| <WebApp>OpenId | Genetec™ Web App | WebApp |
| <SecurityCenter>OpenId | Security Center Web Client | SecurityCenter |

NOTE: Any modification to the Mobile, SecurityCenter, or WebApp addresses creates corresponding changes to the URIs.

OpenID Connect and SAML 2.0 use the same URIs. When you create an Authentication Service role using the OpenID Connect or SAML 2.0 protocols, the system automatically generates the redirect and logout URIs.

NOTE: The system generates the URIs based on the availability and configuration of the server roles. The URIs refresh when you add, edit, or delete any server roles.

During the role creation process, you can add, edit, and delete endpoints from the App registration page of the Creating a role: Authentication Service configuration wizard. After creating the role, you can modify the endpoints directly from the Network endpoint page of the Authentication Service role.

[Figure: Creating a role: Authentication Service window in Config Tool shows the endpoint URIs.]

You might need to modify the endpoint URIs in the following scenarios:
  • Servers are added or removed after setting up the identity provider.
  • You need to access Security Center systems that are not accessible from the internet. This is common for mobile and web clients.

In the Network endpoint page of the Authentication Service role, the User-defined column indicates whether or not the URI has been modified. To reset the user-defined URIs to default, click Reset configuration.

[Figure: Network endpoint page of the Authentication Service role in Config Tool shows redirect and logout URIs.]