OpenID provider endpoint

Important: As of December 1, 2020 the OpenID 2.0 integration option described in this topic is deprecated and is no longer available for new product integrations. Existing integrations that use OpenID 2.0 continue to work. For enhanced security, AppDirect recommends that you use OpenID Connect or SAML to authenticate applications, and that you migrate existing products that use OpenID 2.0 to one of those authentication methods.

After a user is redirected to the configured OpenID login URL, the vendor needs to send discovery requests to the OpenID provider running on one of the AppDirect-powered marketplaces, as passed in the openid template field. This OpenID provider URL looks like https://www.acme-marketplace.com/openid/id.

Developers typically only need to use AppDirect's endpoint with an OpenID 2.0 compliant library. That library handles the OpenID authentication flow with the user. Many libraries have a sample with a form field where a user enters an OpenID URL. Developer endpoints can fill that field with the URL received in the openid template field and submit the form to initiate an OpenID authentication request automatically.