Identity Control

Admin Login Client Manager Setup

Setup needed

Issuerhttps://sso.tryc2.com

Unified SSO and Identity for C2

Google-backed login, first-party tokens, client registry, and provisioning in one pane of glass. Hardened with PKCE, JWKS rotation, and admin controls.

Complete setup Admin console

Apps

0

OIDC

Pending

Admin

Sign in

Get started

1) Complete setup: issuer + Google client + default app.
2) Create an admin account and sign in.
3) Register client apps with exact redirect URIs.
4) Rotate keys and point apps to JWKS/discovery.

Operational tips

Use PKCE everywhere; reject auth without it.
Keep Redis/Postgres up for tokens and state.
Schedule key rotation; monitor provisioning events.
Add MFA/step-up for risky scopes and admin actions.

Registered Apps

No apps registered yet. Add one in setup or POST to /admin/apps.

Quick Endpoints

OIDC Core

Auth: /authorize
Token: /token
JWKS: /.well-known/jwks.json
Discovery: /.well-known/openid-configuration
Userinfo: /userinfo

Admin & Provisioning

Admin: /admin
SCIM: /scim/v2
Keys: /admin/keys
Provisioning events: /admin/provisioning/events
Integration spec: /integration/spec

Notes

Register redirect URIs exactly; unregistered URIs are rejected.
Use PKCE (S256) with Authorization Code; confidential clients include client_secret on token calls.
Rotate keys via /admin/keys/rotate; JWKS is live.
Redis/Postgres recommended; in-memory fallbacks reset on restart.
Complete setup to configure Google client and issuer.