Skills oidc-hosted-page
Implement OIDC authentication using the SSOJet Hosted Login Page — covers client configuration, user redirect, and callback token validation.
install
source · Clone the upstream repo
git clone https://github.com/ssojet/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/ssojet/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/authentication/oidc-hosted-page" ~/.claude/skills/ssojet-skills-oidc-hosted-page && rm -rf "$T"
manifest:
skills/authentication/oidc-hosted-page/SKILL.mdsource content
Implement SSOJet OIDC Hosted Page
This skill guides you through implementing the OIDC Authorization Code flow with SSOJet's Hosted Login Page.
1. Prerequisites
- Client ID: From the SSOJet Dashboard.
- Client Secret: From the SSOJet Dashboard (store securely!).
- Redirect URI: Must be whitelisted in the SSOJet Dashboard (e.g.,
).http://localhost:3000/callback - SSOJet Domain: Your organization's SSOJet domain (e.g.,
).https://auth.ssojet.com
2. Implementation Steps
Step 1: Configure OIDC Client
Initialize your OIDC client with the credentials above. Use a well-maintained OIDC library for your language.
Step 2: Redirect to Login
Construct the authorization URL and redirect the user.
- Endpoint:
/oauth2/authorize - Params:
response_type=codeclient_id=YOUR_CLIENT_IDredirect_uri=YOUR_REDIRECT_URIscope=openid profile email
Step 3: Handle Callback
On the callback route (e.g.,
/callback- Extract the
parameter from the query string.code - Exchange the code for tokens at
./oauth2/token - Verify the
signature using the JWKS endpoint (id_token
)./.well-known/jwks.json
3. Examples
Refer to the
examples/- Node.js: examples/nodejs/app.js
- Python: examples/python/app.py
- Go: examples/go/main.go