Skip to content

Enable Login for an OIDC Web Application

This page guides you through enabling login for an OpenID Connect web application.


  • Download Apache Tomcat 8.x and install it. Tomcat server installation location will later be referred to as <TOMCAT_HOME> in this guide.

  • It is recommended that you use a hostname that is not localhost to avoid browser errors. Modify your machine's /etc/hosts entry to reflect this.


    Note that wso2is.local is used in this documentation as an example, but you must modify this when configuring the authenticators or connectors with this sample application.

  • Download the OIDC pickup dispatch application from the latest release assets.

Register a service provider

To configure the service provider:

  1. On the Management Console, go to Main > Identity > Service Providers and click Add.

  2. Enter pickup-dispatch as the Service Provider Name, and click Register.

  3. Expand the Inbound Authentication Configuration > OAuth/OpenID Connect Configuration section and, click Configure.

  4. Select the relevant grant types that you wish to try out from the Allowed Grant Types list.

  5. Enter http://wso2is.local:8080/pickup-dispatch/oauth2client as the Callback Url, and click Add.


    • Note down the OAuth Client Key and Client Secret. You will need them when deploying the sample application.
    • For more information on Callback URL field and other advanced configurations refer, Advanced OpenID Connect Configurations
  6. Click Register to add the service provider and save the configurations.

Deploy the sample web app

To deploy the sample web app on a web container:

  1. Extract the pickup-dispatch.war file and open the file in the <EXTRACT>/WEB-INF/classes folder.

  2. Replace the consumerKey and consumerSecret values with the OAuth Client Key and Client Secret obtained when configuring the service provider.

    Configurations of pickup dispatch application

  3. Copy the modified pickup-dispatch into the webapps directory of the Tomcat folder.

  4. Start the Tomcat server.

Try it out

Now, let's log in to the application.

  1. Start the Tomcat server and access the following URL on your browser: http://localhost:8080/pickup-dispatch/home.jsp.
  2. Click Login and enter your user credentials.
  3. Provide the required consent. You will be redirected to the Pickup Dispatch application home page.

You have successfully configured authentication for a SAML application.