OpenID Directory Manager plugin enables the use of OpenID Connect to authenticate users to sign in to Joget. 

Figure 1: Login screen with an additional sign-in button using OpenID Directory Manager plugin

Upon clicking on the login button, users will be redirected to the configured OpenID Connect site where they will log in. When a user is authenticated, it will then redirect back to Joget using the "Callback URL" configured in the plugin.

This plugin requires the use of Joget Professional edition and above.

This plugin source code is available in a new open source repository at JogetOSS is a community-led team for open source software related to the Joget no-code/low-code application platform. Projects under JogetOSS are community-driven and community-supported, and you are welcome to contribute to the projects.

Configurations Steps

  1. Install the OpenID Connect Directory Manager Plugin from the Joget Marketplace.
  2. In the Joget System Settings > General Settings, set API Domain Whitelist   to * (IMPORTANT NOTE: If this is not set, you will get a 400 Forbidden error when performing the SSO)
  3. In the Joget System Settings > Directory Manager, select the Open ID Connect Plugin.
  4. Provide the callback URL to your OID provider and obtain the settings to configure in Joget.
  5. In the OpenID Connect Directory Manager Plugin, configure it according to the settings provided by your OID provider.

OpenID Plugin Configuration

OpenID Provider Details

Callback URL

URL to which Auth0 redirects users after they authenticate.

Ensure to provide this Callback URL to your OpenID Connect service.

  • Issuer URL
  • Custom

Issuer URL

URL which is used to validate the discovery URL (Issuer URL + "/.well-known/openid-configuration") 

URL where Auth0 can find the OpenID Provider Configuration Document, which should be available in the  /.well-known/openid-configuration  endpoint.

Authorization Token Endpoint

Authorization server's authorization endpoint, which you can retrieve using the server's Metadata URI (Issuer URL + "/.well-known/openid-configuration")

Sample Format

https://${Issuer URL}/oauth2/${authServerId}/v1/authorize

Available when Issuer  is set to "Custom ".
Token Endpoint
The endpoint on the Authorization Server is used to programmatically request tokens,  which you can retrieve using the server's Metadata URI (Issuer URL + "/.well-known/openid-configuration")
Sample Format

https://${Issuer URL}/oauth2/${authServerId}/v1/token

Available when Issuer  is set to "Custom ".
User Info Endpoint

User Profile Information,  which you can retrieve using the server's Metadata URI (Issuer URL + "/.well-known/openid-configuration")

Sample Format

https://${Issuer URL}/oauth2/${authServerId}/v1/userinfo

Available when Issuer  is set to "Custom ".
Json Web Key Set
Issued by the authorization server and signed using the RS256 signing algorithm
Sample Format

https://${Issuer URL}/oauth2/${authServerId}/v1/keys

Available when Issuer  is set to "Custom ".
Response Types SupportedBy default, code

Client ID

The Client ID provisioned by the OpenID provider when the client was registered

Client Secret

The Client Secret (password) provisioned by the OpenID provider when the client was registered

A list of Auth0 scopes to request when connecting to the Identify Provider. 

By default, openid profile email

User Provisioning Enabled

If enabled, ensures the user account is created in Joget's User Directory

Configure OpenID Connect Login Button


Login Button Text

Login button styling text

Sample Value


Login Button Icon

Login button styling icon class

Sample Value

fas fa-arrow-right

Button Text Color
Login button styling button text color

Sample Value


Button Background Color
Login button styling button background-color

Sample Value


Sample Configurations

Attribute / ProviderOKTAOKTAGoogleMicrosoft Azure ADAuth0
IssuerIssuer URLCustomIssuer URLCustomIssuer URL
Issuer URL
Authorization Token Endpoint
Token Endpoint
User Info Endpoint
Json Web Key Set /discovery/v2.0/keys
Responses Types Supportedcodecodecodecodecode
Client IDclientIDSampleValueclientIDSampleValueclientIDSampleValueclientIDSampleValueclientIDSampleValue
Client SecretclientSecretSampleValueclientSecretSampleValueclientSecretSampleValueclientSecretSampleValueclientSecretSampleValue
Scopeopenid profile emailopenid profile emailopenid emailopenid profile emailopenid profile email
Documentation Link

To obtain all the URL paths, from your Azure App, go to Overview > Endpoints, look for "OpenID Connect metadata document" and open the URL to obtain all the paths.

Connect to OpenID Connect Identity Provider (

Download Plugin

Change Logs


[ MODIFIED ]    : Redirect back to referrer after login.

[ FIXED ]       : Fix nonce issue.


[ FIXED ]       : Fix Forgot password not displaying on login when enabled.


[ FIXED ]       : 404 error on first login by local user after enabling the plugin.
[ FIXED ]       : Incorrect SSO URL.
[ MODIFIED ]    : Added default values to login button.


[ ADDED ]       : Initial Release.

  • No labels