How the login via social networks and ID providers works

The following sections describe the foundational processes when logging in to an Intrexx portal with the aid of ID providers. A general understanding of these processes should help you configure your respective ID provider. The specific configuration steps may vary greatly from one provider to the other.

Conventional method: Authentication via the Intrexx user management

Frequently, the portal user is authenticated via a comparison with the Intrexx user management system. The user enters his/her login data in the portal login fields and Intrexx checks whether the user is permitted to log in and which permissions he/she has in the portal.

Authentication via ID providers

When authenticating with ID providers, Intrexx forwards the login process to the ID provider and obtains the data the user required to log in from there.

Communication workflow

From a technical perspective, the communication between Intrexx and the ID provider is implemented via OAuth2 and OpenID.
The following graphic provides a simplified depiction of the communication workflow between Intrexx and the ID provider.

	The user clicks on the login button of the ID provider in the Intrexx portal. The browser forwards the login process to the Intrexx portal server. The Intrexx portal server identifies that the user would like to log in via an ID provider.
	The Intrexx portal server establishes a connection to the ID provider and requests the required authentication data for the user. The user is asked to log in to the ID provider. (The Facebook login dialog opens, for example.)
	The ID provider transfers the data required to log in to the Intrexx portal. The user is logged in to the portal.