Hello everyone,
I am trying to integrate OneLogin as an external Identity Provider for authentication against the One Identity Application Server, but I am struggling to find the correct approach.
The scenario involves an external application that authenticates to OneLogin using a client ID and client secret (machine‑to‑machine integration, no interactive login).
The intended flow is the following:
1. An external application authenticates to OneLogin using OAuth 2.0 client credentials (client ID and client secret).
2. OneLogin issues an access token.
3. The access token is sent to OneLogin’s token introspection endpoint to validate it.
4. Once the token is successfully validated, the same access token is forwarded to the One Identity Application Server.
5. The One Identity Application Server should trust this token and allow authentication based on it.
What I would like to understand is:
Is it possible to configure the One Identity Application Server to accept and trust an externally issued OAuth2/OIDC access token (specifically from OneLogin)?
Does this scenario require a custom authentication module, or a specific configuration in One Identity Manager (for example via OAuth/OIDC)?
Any guidance, documentation, or examples would be greatly appreciated.
Thank you in advance!
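Steps 1 to 4 of the flow described in the post, as an added example that is not part of the original post and is not OneLogin or One Identity code: it builds the client credentials request (RFC 6749, section 4.4) and the introspection request (RFC 7662), then checks the introspection response before the token is forwarded. The URLs, client ID, scope and sample responses are constructed placeholders, and HTTP Basic client authentication is assumed.

```python
import base64
import time
from urllib.parse import urlencode

# Assumed placeholders, not real OneLogin or One Identity values.
TOKEN_URL = "https://idp.example/token"
INTROSPECT_URL = "https://idp.example/introspect"


def basic_auth(client_id, client_secret):
    """HTTP Basic header used to authenticate the client to the IdP."""
    raw = f"{client_id}:{client_secret}".encode()
    return {"Authorization": "Basic " + base64.b64encode(raw).decode()}


def token_request(client_id, client_secret, scope):
    """Step 1: client credentials grant (RFC 6749, section 4.4)."""
    body = urlencode({"grant_type": "client_credentials", "scope": scope})
    return TOKEN_URL, basic_auth(client_id, client_secret), body


def introspection_request(client_id, client_secret, access_token):
    """Step 3: token introspection request (RFC 7662, section 2.1)."""
    body = urlencode({"token": access_token, "token_type_hint": "access_token"})
    return INTROSPECT_URL, basic_auth(client_id, client_secret), body


def accept_token(resp, expected_client_id, required_scope, now=None):
    """Step 4 gate: decide from the introspection response whether to forward."""
    now = time.time() if now is None else now
    if resp.get("active") is not True:
        return False, "token inactive"
    if "exp" in resp and resp["exp"] <= now:
        return False, "token expired"
    if resp.get("client_id") != expected_client_id:
        return False, "issued to a different client"
    if required_scope not in resp.get("scope", "").split():
        return False, "missing scope"
    return True, "ok"


# Constructed sample introspection responses (not captured from OneLogin).
SAMPLE_OK = {"active": True, "client_id": "app-123", "scope": "api.read", "exp": 2_000_000_000}
SAMPLE_REVOKED = {"active": False}

if __name__ == "__main__":
    print(accept_token(SAMPLE_OK, "app-123", "api.read", now=1_700_000_000))
    print(accept_token(SAMPLE_REVOKED, "app-123", "api.read", now=1_700_000_000))
```
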