DRAFT
Overview
Today, Admin App supports only forms-based authentication for using the application. This design proposes adding another method of delegating user-authentication to trusted 3rd party-sources via OpenID Connect, to provide single-sign on like experiences to users of Ed-Fi tools. If this design, implemented code and pattern is successful in Admin App, it will be considered for reuse in applications such as Data Import.
...
On Admin App, the cookie is used as default sign-in and sign-out schema. So, logout operation will clear the cookie.
Store external authentication provider details:
For enabling OIDC authentication Admin App needs provider details, which includes OIDC server authentication Url, Client_Id, Client_Secret, ResponseType, and required scopes.
On development environment all these details can be stored on Authentication section on appsettings.json file or can be set as user-secrets.
ex: dotnetuser-secrets set "Authentication:Google:Client_Id""sampleapp"
For production environment, it is recommended to store Client_Id and Client_Secret on environment variables.