How Do I Update the Credentials for a Third-Party Authentication Provider?

Background and Setup

Good to Know

This procedure assumes the authentication provider is already configured and operating.
For more information, refer to Add an Authentication Type.
You may need to complete this procedure if, for example, the credentials expire with your authentication provider.

How to Start

On the AgilePoint Server machine, in a text editor, open the AgilePoint NX Portal configuration file:
(NX Portal configuration folder - v9.0 and higher) C:\Program Files\AgilePoint\AgilePointPortalInstance\config\web.yaml

Configure the Authentication Providers

To add or change the authentication providers for AgilePoint NX Portal, do the procedure in this topic.

Procedure

In the file web.yaml, add or change the attributes that are necessary for your authentication provider.
Refer to the sections in this topic for the configuration information for each authentication provider.

If you want to add or change the authentication providers that you use for the Portal, change the value of the activeauthproviders key as necessary.

Field Name	Definition
activeauthproviders	Description: Specifies the authentication providers for AgilePoint NX Portal. Allowed Values: One or more authentication provider names, separated by commas (,) agilepointid - Specifies AgilePoint NX authentication. AgilePoint ID is not supported in AgilePoint NX OnPremises. activedirectory - Specifies Active Directory authentication where the Active Directory runs in an on-premises environment. You can configure the Active Directory authentication on the AgilePoint Server Configuration Utility > System tab. acs - Specifies Amazon Cognito authentication. adfs - Specifies ADFS authentication. googleplus - Specifies Google Workspace authentication. oam - Specifies Oracle Access Management authentication. oidc - Specifies IdentityServer authentication. okta - Specifies Okta authentication. pingfed - Specifies PingFederate authentication. salesforce - Specifies Salesforce authentication. siteminder - Specifies SiteMinder authentication. To configure the SiteMinder authentication, contact AgilePoint Professional Services. waad - Specifies authentication with Microsoft Entra ID, Microsoft 365, or SharePoint for Microsoft 365. Default Value: ["activedirectory"] Example: "activeauthproviders": ["activedirectory", "waad"]

Field Name

Definition

activeauthproviders

Description:

Specifies the authentication providers for AgilePoint NX Portal.

Allowed Values:

One or more authentication provider names, separated by commas (,)

agilepointid - Specifies AgilePoint NX authentication.
AgilePoint ID is not supported in AgilePoint NX OnPremises.
activedirectory - Specifies Active Directory authentication where the Active Directory runs in an on-premises environment.
You can configure the Active Directory authentication on the AgilePoint Server Configuration Utility > System tab.
acs - Specifies Amazon Cognito authentication.
adfs - Specifies ADFS authentication.
googleplus - Specifies Google Workspace authentication.
oam - Specifies Oracle Access Management authentication.
oidc - Specifies IdentityServer authentication.
okta - Specifies Okta authentication.
pingfed - Specifies PingFederate authentication.
salesforce - Specifies Salesforce authentication.
siteminder - Specifies SiteMinder authentication.
To configure the SiteMinder authentication, contact AgilePoint Professional Services.
waad - Specifies authentication with Microsoft Entra ID, Microsoft 365, or SharePoint for Microsoft 365.

Default Value:

["activedirectory"]

Example:

"activeauthproviders": ["activedirectory", "waad"]

Save the file.
Restart your AgilePoint Portal instance.
For more information, refer to Restarting AgilePoint Server and AgilePoint Portal

ADFS

These settings specify the credentials for ADFS.

Fields

Field Name	Definition
adfs:portalclientid	Description: Specifies the client ID of the app you added in ADFS. Allowed Values: One line of text (a string). Represents: A GUID Default Value: None Example: Format: "adfs:portalclientid": "[client ID from ADFS]" Example: "adfs:portalclientid": "8emqdmcst123uchcfijtf4tgmd"
adfs:portalclientsecret	Description: Specifies the client secret of the app you created or added in ADFS. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "adfs:portalclientsecret": "[client secret from ADFS]" Example: "adfs:portalclientsecret": "8gkhk3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"
adfs:authority	Description: Specifies the ADFS server URL. Allowed Values: One line of text (a string). Format: URL Default Value: None Example: Format: "adfs:authority": "[ADFS server URL]" Example: "adfs:authority": "https://adfs.contoso.com/adfs/ls/"

Amazon Cognito

These settings specify the credentials for Amazon Cognito.

Fields

Field Name	Definition
acs:authority	Description: Specifies the Amazon Cognito server URL. Allowed Values: One line of text (a string). Format: URL Default Value: None Example: Format: "acs:authority": "[Amazon Cognito service URL]" Example: "acs:authority": "https://cognito-idp.us-east-2.amazonaws.com/us-east-1_abcdefg12"
acs:clientid	Description: Specifies the client ID of the app you added in Amazon Cognito. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "acs:clientid": "[client ID from Amazon Cognito]" Example: "acs:clientid": "2tmqdmcst123uchcfijtf4tgmd"
acs:clientsecret	Description: Specifies the client secret of the app you created or added in Amazon Cognito. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "acs:clientsecret": "[client secret from Amazon Cognito]" Example: "acs:clientsecret": "8gkhk3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

Google Workspace

These settings specify the credentials for Google Workspace.

Fields

Field Name	Definition
gp:clientid	Description: Specifies the client ID of the app you added in Google Workspace. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "gp:clientid": "[client ID from Google Workspace]" Example: "gp:clientid": "k45fgjqdmcst123uchcfijtf4tgmd"
gp:clientsecret	Description: Specifies the client secret of the app you created or added in Google Workspace. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "gp:clientsecret": "[client secret from Google Workspace]" Example: "gp:clientsecret": "8qyrhk3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

IdentityServer

These settings specify the credentials for IdentityServer.

Fields

Field Name	Definition
oidc:authority	Description: Specifies the IdentityServer server URL. Allowed Values: One line of text (a string). Format: URL Default Value: None Example: Format: "oidc:authority": "[server URL for IdentityServer]" Example: "oidc:authority": "https://login.identityprovider.com"
oidc:clientid	Description: Specifies the client ID of the app you added in IdentityServer. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "oidc:clientid": "[client ID from IdentityServer]" Example: "oidc:clientid": "5hhjlkhvhnmqdmcst123uchcfijtf4tgmd"
oidc:clientsecret	Description: Specifies the client secret of the app you created or added in IdentityServer. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "oidc:clientsecret": "[client secret from IdentityServer]" Example: "oidc:clientsecret": "7tert3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

Microsoft Entra ID (Microsoft 365 / SharePoint for Microsoft 365)

These settings specify the credentials for Microsoft Entra ID, Microsoft 365 or SharePoint for Microsoft 365.

Fields

Field Name	Definition
ida:clientid	Description: Specifies the client ID of the app you added in Microsoft Entra ID. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "ida:clientid": "[client ID from Microsoft Entra ID]" Example: "ida:clientid": "abcd-1234-efgh-5678"
ida:password	Description: Specifies the client secret of the app you created or added in Microsoft Entra ID. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "ida:password": "[client secret from Microsoft Entra ID]" Example: "ida:password": "8gkhk3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

Okta

These settings specify the credentials for Okta.

Fields

Field Name	Definition
okta:oauthauthority	Description: Specifies the Okta server URL. Allowed Values: One line of text (a string). Format: URL Default Value: None Example: Format: "okta:oauthauthority": "[Okta server URL]" Example: "okta:oauthauthority": "https://dev-1okta.com"
okta:oauthclientid	Description: Specifies the client ID of the app you added in Okta. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "okta:clientid": "[client ID from Okta]" Example: "okta:clientid": "5iughldqdmcst123uchcfijtf4tgmd"
okta:oauthclientsecret	Description: Specifies the client secret of the app you created or added in Okta. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "okta:clientsecret": "[client secret from Okta]" Example: "okta:clientsecret": "3mnfss3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

Oracle Access Management

These settings specify the credentials for Oracle Access Management.

Fields

Field Name	Definition
oam:authority	Description: Specifies the Oracle Access Management server URL. Allowed Values: One line of text (a string). Format: URL Default Value: None Example: Format: "oam:authority": "[Oracle Access Management server URL]" Example: "oam:authority": "http://oam.example.com:7001/oamconsole"
oam:clientid	Description: Specifies the client ID of the app you added in Oracle Access Management. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "oam:clientid": "[client ID from Oracle Access Management]" Example: "oam:clientid": "2tjhnmqdmcst123uchcfijtf4tgmd"
oam:clientsecret	Description: Specifies the client secret of the app you created or added in Oracle Access Management. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "oam:clientsecret": "[client secret from Oracle Access Management]" Example: "oam:clientsecret": "8bhhgf3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

PingFederate

These settings specify the credentials for PingFederate.

Fields

Field Name	Definition
pingfed:authority	Description: Specifies the PingFederate server URL. Allowed Values: One line of text (a string). Format: URL Default Value: None Example: Format: "pingfed:authority": "[PingFederate server URL]" Example: "pingfed:authority": "https://pingfed.example.com"
pingfed:clientid	Description: Specifies the client ID of the app you added in PingFederate. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "pingfed:clientid": "[client ID from PingFederate]" Example: "pingfed:clientid": "2wehnmqdmcst123uchcfijtf4tgmd"
pingfed:clientsecret	Description: Specifies the client secret of the app you created or added in PingFederate. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "pingfed:clientsecret": "[client secret from PingFederate]" Example: "pingfed:clientsecret": "6lupgf3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"

Salesforce

These settings specify the credentials for Salesforce.

Fields

Field Name	Definition
sf:clientid	Description: Specifies the client ID of the app you added in Salesforce. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "sf:clientid": "[client ID from Salesforce]" Example: "sf:clientid": "6pghtdmcst123uchcfijtf4tgmd"
sf:password	Description: Specifies the client secret of the app you created or added in Salesforce. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None Example: Format: "sf:password": "[client secret from Salesforce]" Example: "sf:password": "6uydf3v56oe6gq6irk7u1bghdjnc1ic8646skqb6kuu1ddk1r0r"