This article covers the process to configure the Pendo Launcher extension to retrieve visitor information (ID and metadata) from an OpenID Connect (OIDC) using a Proof Key for Code Exchange (PKCE) compatible identity provider (IdP), which involves:
- Creating a new app integration in the IdP.
- Configuring the app integration and adding redirect URLs.
- Adding the Client ID and Discovery URL in Pendo.
Step 1. Create a new app integration in your IdP
- Sign in to your IdP with an administrator account.
- Go to the admin settings.
- Follow the instructions for your IdP to add a new application or integration for the Pendo Launcher.
- Ensure that the application is set up to use OIDC and PKCE. This often involves selecting an option related to "single-page application".
Step 2. Configure the application and add redirect URLs
After the application is created, you must ensure that the right permissions and redirect URLs are added:
-
Under the settings for sign-in redirect URIs, add the redirect URIs for each of the browsers you plan to use:
-
For Chrome:
- https://epnhoepnmfjdbjjfanpjklemanhkjgil.chromiumapp.org/idp
- chrome-extension://epnhoepnmfjdbjjfanpjklemanhkjgil
-
For Edge:
- https://lgpofjmgggolmabddgdmbgipcnblpnbm.chromiumapp.org/idp
-
chrome-extension://lgpofjmgggolmabddgdmbgipcnblpnbm
-
For Chrome:
-
Under the application settings for assigning the application to users, choose whatever option allows everyone in your organization to access this application without additional configuration or approval.
- Under the permitted scopes and permissions, ensure that the application has the ability to read the user and profile information of the signed-in user.
Step 3. Collect Client and Discovery URL
After the application is created and configured, collect the newly assigned Client ID and the Ddiscovery URL for the provider.
- From the details page of the newly created application, copy the Client ID value.
-
Find the documentation for your provider that specifies the Discovery URL. The URL often ends in something like the following:
/.well-known/openid-configuration
.
Step 4. Set up the IdP for visitor identification in Pendo
- In Pendo, go to Settings > Subscription settings > Extension.
- Select Use IdP for visitor identification.
- Choose Other OIDC provider from the Select identity provider dropdown menu.
- Enter the Client ID and Discovery URL.
-
Enter the property name to use as the Visitor ID from the IdP token. If you're unsure, use sub.
-
Optionally:
- Turn on Retrieve metadata along with Visitor ID. For more information about this setting, see Extension subscription settings.
- Select Choose value to select your visitor metadata. If you don't choose values for your visitor metadata, the default is to include all provide values provided by your identity provider as visitor metadata.
- Select Save configuration.
Your Pendo subscription is now configured to interact with your IdP using the provided Visitor IDs and metadata.