Configuring PayAnalytics SSO/OIDC against Passport

Purpose

This document describes the steps a technical contact for a PayAnalytics by beqom customer is required to carry out in order to configure SSO/OIDC authentication for the PayAnalytics by beqom online solution using the v Passport service Identity as an Identity Provider.

Responsibilities

Technical contact for PayAnalytics by beqom customer or a member of beqom IT services: Carries out these instructions.

Prerequisites

• A dedicated PayAnalytics by beqom instance with SSO/OIDC support enabled has been created for the customer.

• The technical contact has a user account (using username/password) with administrative privileges on the PayAnalytics by beqom customer instance.

• The beqom Passport service has been configured for the instance (contact via support@beqom.com)

Procedure

1. Log into your PayAnalytics instance via "Other Options" -> "Sign in as administrator" (see Figure 4.1). If OIDC has not yet been enabled then the login form can be used directly. If you're logging in for the first time you will need to retrieve your password with the "Forgot Password" feature.

This is an note/information message.

Until OIDC is enabled for the instance you will see the normal Username/Password login screen.

Figure 4.1: Administrator login on PayAnalytics SSO login screen.

2. In PayAnalytics , open settings (by clicking ) and from the settings page click "SSO/OIDC configuration".

3. Fill in the OIDC configuration page as follows

Figure 4.2: Values to be copied from PayAnalytics into Ping Identity OIDC configuration.

Also available in the following table:

• Click “Save”

• If you are carrying out these instructions as a technical contact (e.g. as part of beqom IT), disable your own user before logging out.

Other information

The OIDC metadata is available on the following url:

https://passport.beqom.com/.well-known/openid-configuration