Third Party OIDC Identity Provider: How to set up

I would like to configure the Solid Community Server to use my own OIDC Identity Provider (Red Hat Single Sign On). How would I go about setting that up in the config files?

Note that a “regular” OIDC provider will not be usable directly to authenticate for Solid, as the Solid-OIDC specification is an extension on top of OpenID Connect. In particular, the resulting ID token includes a new mandatory claim, webid, which will be missing from a stock Red Hat SSO I suspect.

You’ll probably want to implement a broker pattern, where your code acts as an intermediary between the Solid client and the non-Solid OIDC Provider, adding the missing pieces to the ID token and potentially adding support for Solid-OIDC Client Identifiers. In this type of setup, the client only talks to the identity broker, and the broker acts like a static app registered to the underlying OIDC provider.

All the ID provider related documentation in the Community Server is available at CommunitySolidServer/identity-provider.md at main · CommunitySolidServer/CommunitySolidServer · GitHub. Once you have a functioning broker, you should be able to swap out the node-oidc-provider extension used by CSS for your own code.

Does that answer your question?