Install Identity (Deprecated)

About Squidex Identity

Squidex Identity server based on Squidex Headless CMS. It implements the OpenId Connect and OAuth 2.0 protocols to act as a central single sign on server.
WARNING: Squidex Identity is not maintained anymore.

1. Setup of Squidex identity

1.1. Clone Squidex.Identity

Clone the Squidex identity repository with the following command:
git clone

1.2. Create an identity app

You can create the app with predefined schemas either in the cloud or in your custom installation:
Create Identity App

1.3. Update the identity configuration

Update the configureation with the url to your Squidex instance and the client id and secret of the default client.
Copy Default Client
Update the configuration file at: Squidex.Identity/appsettings.json
"app": {
// ...
"url": "",
"clientId": "identity:default",
"clientSecret": "xxx",
// ...
Of course you can also use environment variables, e.g.
  • APP__URL=
  • APP__CLIENTID=identity:default

2. General application settings:

If you create a identity app in Squidex you will see a schema with the settings, where you can upload a logo, footer text, privacy settings and so on.
Most settings are optional but you must setup credentials to an SMTP server.
Site Setting
Email Delivery Service:

3. External authentication providers

If you want to use external authentication providers you can setup them in the authentication schemes section, here is an example for Google.
You have to create an OAuth 2.0-Client-IDs in the google developer console. You have to define the redirect_uri in this process and you must use http://localhost:3500/signin-google
the redirect URLs for other authentication providers are:
  • http://localhost:3500/signin-twitter
  • http://localhost:3500/signin-facebook
  • http://localhost:3500/signin-github
Authentication Schemes

4. External clients

When you want to connect an external application to Squidex identity you have to configure a client. This is a little bit complicated, but you can find all settings here:

Squidex as an external client

You can also setup Squidex as an external client, so that the same users can also login to manage content.
In the first step you have to create a new client:
In the second step you have to update the Squidex configuration at Squidex/appsettings.json
"identity": {
"oidcName": "selfHostedName",
"oidcAuthority": "http://localhost:3500/",
"oidcClient": "client:selfHosted",
"oidcSecret": "xxx",
Then you can register at Squidex identity.