Step 6: Add application client settings (required)


Note. All Example Values in the tables below are examples only. Your values will be different in most cases.


Creating a new OIDC client (in the previous step) automatically creates an application client with the following settings and the appropriate values in place:

Setting Name

Example Value

janrainOidcClientId

1ab23456-7c8d-90ef-g123-45hij6789012

Note that you cannot change the value of this setting. That means that your application client can’t be associated with a different OIDC login client.

site_name

Self-Study Web Site

The value of the site_name setting appears on your browser tabs and in your transactional emails. For example, if the site_name is property is set to Self-Study Web Site then your browser tab (in Firefox) will look similar to this:

If you’re running Hosted Login v2 you’ll also see the site name displayed on the sign-in screen:

user_entity_type

user

Note that the value of the user_entity_type client setting must match the value of the entityType setting in your login policy. If they don’t match, user logins will likely fail with an “Incorrect username or password” error.

password_recover_url *

https://v1.api.us.janrain.com/12345678-1234-1234-1234-123456789012/auth-ui/reset-password?client_id=1ab23456-7c8d-90ef-g123-45hij6789012

URL users are directed to in order to reset a forgotten password.

verify_email_url *

https://v1.api.us.janrain.com/12345678-1234-1234-1234-123456789012/auth-ui/verify-account?client_id=1ab23456-7c8d-90ef-g123-45hij6789012

URL users are redirected to in order to verify their email address.

* The template for the preceding URLs is: https://v1.api.<region>.janrain.com/<customer-id>/auth-ui/<endpoint>?client_id=<oidc-client-id>

In order for Hosted Login to function, a few more settings must be added to this login client:

Setting Name

Example Value

default_flow_name

standard

Make sure that you reference a Hosted Login-compatible flow. 

default_flow_version

20190808194524428311

Version number of the flow. You can use HEAD as the flow version; if you do this, your application client will automatically use the latest version of a flow. However, we don’t recommend using HEAD for production clients. Instead, you should use an actual version number, and then update that version number as needed.

legal_acceptance_id_1

privacyPolicy-v1

Note that one of your legal acceptances must be set to privacyPolicy-v1 and the other must be set to termsOfService-v1. For more information on legal acceptances and how to configure them, see the authorization rule documentation.

legal_acceptance_id_2

termsOfService-v1

Note that one of your legal acceptances must be set to privacyPolicy-v1 and the other must be set to termsOfService-v1. For more information on legal acceptances and how to configure them, see the authorization rule documentation.

regex_standard_newPassword

.*

This regular expression matches any character other than the linebreak character (.) followed by any, and any number of, other characters, This is the default value; however, you can replace this value with a regular expression of your own (for example, to enforce a minimum length, or to ensure that a password includes a number, an uppercase letter, and a lowercase letter, etc.).


  Step 7: Call Hosted Login