Start Low-Code Integration

MIRACL Trust is an OpenID Connect (OIDC) Identity Provider, so integrating with any system that supports OIDC is a matter of configuration. For more information about OIDC, see How OpenID Connect Works.

This integration is easy to use and almost zero-code (if there is a plugin). Its main advantage is that MIRACL Trust controls the whole authentication process and its security. Additionally, it can be integrated with a third-party system.

What makes the low-code integration fast and easy to implement is that you don’t need to develop your own authentication clients. You can use the ones provided by MIRACL Trust:

  • MIRACL Trust PIN Pad - the platform’s web client that provides a single-step, multi-factor authentication right within the browser. It gives end users access to several useful functionalities, such as email verification, device registration management (including PIN reset), device enrolment via QuickCode, and delegating authentication to the MIRACL Trust Authenticator application.

  • MIRACL Trust Authenticator - a mobile application for iOS and Android that mirrors the web client’s functionality, enabling authentication for desktop and mobile web sessions and other mobile applications.

The built-in user verification that comes with the low-code integration allows you to have a fully functional authentication system without writing a single line of code, with support for desktop, mobile and cross-device authentication. The end user’s email address serves as the User ID for this verification method and is verified through a verification code or verification link sent to the email address. End users need to enter the code or open the link to prove ownership of the email address. For more information, see Built-in User Verification.

Although seemingly simple, this integration serves as a foundation for any further system configuration. Whether you’re just starting out or need to create a more complex solution, you can use this integration as a starting point and add custom flows as needed.

If your web application supports OpenID Connect, you can easily integrate it with MIRACL Trust in just a few minutes. To get started, follow the step-by-step instructions in this guide.

Before you begin, you must register on MIRACL Trust.

# Create an Application

Once you register, you can proceed to create an application to use for integration within the MIRACL Trust platform.

  1. After you log in the MIRACL Trust Portal, go to your project.

  2. Select Applications on the sidebar.

  3. Click + Add App.

  4. Enter the details for your application:

    • App Type - OIDC
    • App Name - choose a name for your application
    • Redirect URL (only for OIDC) - After authentication, the end user is redirected to the specified URL, where the authentication response is sent. If your application runs locally on http://127.0.0.1:5000, the redirect URL might be something like http://127.0.0.1:5000/login, where the login endpoint typically handles the OIDC code exchange for ID and access tokens.

  5. Click Add App. Your application keys (Client ID and Client Secret) are displayed.

# Client ID and Client Secret

When you create an application, you are issued Client ID and Client Secret credentials. You need them when building your application to configure your OpenID Connect integration. The Client Secret is shown to you only once when you create the application, so make sure you copy and save it when first displayed.

To see the Client ID and Project ID, go to the app’s settings:

  1. Click Applications on the sidebar. A list of your apps is displayed.

  2. Click Settings next to the app you are interested in.

# Generate New Client ID and Client Secret

If you haven’t saved your application’s Client Secret, you can generate new application keys:

  1. Go to the application’s settings (as described above).

  2. Click the Generate New Keys button in the Danger Zone section. A dialog box is displayed asking if you wish to proceed.

  3. Click Yes.

  4. Copy the newly generated Client Secret either by using the copy button at the end of the field or by selecting and copying it manually.

Once you generate new keys, the old ones are invalidated.

# Integrate with Your Application

Now that you have a Client ID and Client Secret, you can start configuring your integration with the MIRACL Trust authentication through OIDC. For this purpose, you need to have an OIDC plugin or library installed.

For a list of certified OpenID Connect Libraries, see https://openid.net/developers/certified-openid-connect-implementations/.

Additionally, check out MIRACL Trust’s OIDC Integration Samples, which showcase the integration between the platform and various OIDC libraries.

For more information about integrating with the OpenID Connect implementation provided by MIRACL Trust, see OpenID Connect.

# Configure Your Integration in the MIRACL Trust Portal

After you do the above, you can make some additional settings in the Configuration section of the MIRACL Trust Portal:

  • General

On this page, you can set your application’s login methods and PIN length.

  • Branding

Use the options on this page to configure what is displayed on your authentication page: logo, page title and theme, support email and phone number. You can also add a link to your help centre and select the default language.

  • OpenID Connect

On this page, you can set some OIDC-specific options:

  • Token Endpoint Authentication Methods
  • PKCE Code Challenge Methods
  • PKCE Only Token Exchange

Press the Save Changes button at the bottom of each page before proceeding to the next one; otherwise, you will lose your settings.

# Next Steps

You have now configured MIRACL Trust’s OIDC integration with built-in email verification. If you need a different verification flow, you can explore Custom User Verification.

If you want to use the authentication on a mobile device, you can either try the MIRACL Trust Authenticator that comes out of the box or integrate the mobile authentication in your application using the MIRACL Trust SDKs.