OpenID Realm

❗ Important As of December 1, 2020 the OpenID 2.0 integration option described in this topic is deprecated and is no longer available for new product integrations. Existing integrations that use OpenID 2.0 continue to work. For enhanced security, AppDirect recommends that you use OpenID Connect or SAML to authenticate applications, and that you migrate existing products that use OpenID 2.0 to one of those authentication methods.

An OpenID realm is a user-friendly way to manage authentication requests from unknown consumers during a single sign-on workflow. Although using an OpenID realm is optional, AppDirect recommends it.

If you not use OpenID Realm, when authentication requests are received from unknown users, AppDirect displays a message asking them if they want to log on to your application. If you configure an OpenID Realm and add it to the whitelist, users can log in directly without the need for you to manually grant them access to your application.

In most cases, the realm URL for your application is identical to the login URL or may have an optional '*' wildcard character. However, if you delegate OpenID handling to a third party, it may be necessary to specify a different domain in the realm. Here are some examples:

• When a login URL is https://example.com/login/openid, the OpenID realm could be https://example.com/login/\*.
• When a login URL is https://openid.example.com/login, the OpenID realm could be https://\*.example.com/login.

For information about the URL format, see Login URL.

For the OpenID Realm configuration procedure, see Edit OpenID 2.0 .