> For the complete documentation index, see [llms.txt](https://docs.vergeos-demo.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.vergeos-demo.com/run-the-platform/authentication/oidc-apps-overview.md). # VergeOS OIDC Applications Overview VergeOS provides OIDC functionality to allow centralized identity management for multiple VergeOS systems and or tenants. ## VergeOS OIDC Application Benefits * Ability to establish a VergeOS system as an identity provider (with or without an upstream provider such as Google, Azure, etc.) * Same app/token in an upstream authorization provider can be used for multiple physical environments and tenants rather than creating a separate one for each. * Provides single sign-on (SSO) capabilities across VergeOS systems * MSPs/providers can have central login linked back to their environment for all tenants * OIDC delivers a standardized, widely-supported protocol with built-in security features * Less administrative burden for user/group management across VergeOS systems/tenants ## General Operational Flow * User attempts to log in to a VergeOS system * The request is redirected to the VergeOS identity provider system * When there is a third-party provider configured, the request is redirected upstream as needed (e.g. Google Auth) * Tokens containing user information are sent back to the initial VergeOS system * Tokens are verified and a user session is created ## Configuration Steps Configuring a central VergeOS identity provider involves the following steps: 1. Create any upstream authorization sources (like Google, Azure, Okta) on the system that will act as the VergeOS Identity Provider. 2. [Setting Up VergeOS as an OIDC Provider](/knowledge-base/system-administration/setting-up-vergeos-as-identity-provider-oidc.md) {% hint style="success" %} **Multiple OIDC applications can be created on the same system to accommodate different configurations.** {% endhint %} 3. [Configuring VergeOS as an OIDC Client](/knowledge-base/system-administration/configuring-vergeos-as-oidc-client.md) For detailed implementation guidance and troubleshooting, refer to the linked knowledge base articles above. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.vergeos-demo.com/run-the-platform/authentication/oidc-apps-overview.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.