If you’re configuring SSO for a self-hosted Flex deployment, you need to update the appconfig.js configuration object to support authentication and single sign-on using a third-party identity provider (IdP).
For complete details about the configuration object and its properties, see the Flex UI API Reference.
The type of SSO you’re using determines the changes you need to make:
sso
object.
sso
object, and then add and configure the
oauth
object.
As soon as the oauth object exists in your appconfig.js file, Flex UI will try to use enhanced SSO for authorization. If you’re setting up an enhanced SSO connection (either for the first time or to migrate), make sure you configure the oauth object after completing the SSO setup or migration steps in Console.
sso
object as follows:
_10appConfig.sso = {_10 accountSid: string,_10 loginPopup: boolean,_10 loginPopupFeatures: string,_10};
accountSid
is the Account SID of your Twilio project.
loginPopup
indicates whether to launch the IdP login in a new window. The default is false.
loginPopupFeatures
defines standard window.open() features to apply to the popup window.
oauth
object as follows:
_10appConfig.oauth = {_10 connection: `${CONNECTION_NAME}`,_10 clientId: `${CLIENT_ID}`,_10 redirectUrl: `${DOMAIN_REDIRECT_URL}`,_10};
connection
and
clientId
values using this request, and then add them to the configuration. Make sure to add your Account SID before running the request:
_10curl --location 'https://services.twilio.com/v1/Flex/Authentication/Config?AccountSid={{YOUR_ACCOUNT_SID}}'
redirectUrl
value, add the same value you used in the
Domain redirect URL
field when you entered your IdP information in Console.
Both the Trusted domains field and the Domain redirect URL field are required to set up SSO to a self-hosted domain. This is in addition to the fields marked as required when you configure SSO via Console. See How do I log in to a self-hosted domain? to make sure your domain URL conforms to one of the allowed patterns.