App Configuration Guide
This guide explains the key settings used to configure the client app.
๐ URLsโ
- Primary:
https://localhost:60230/This is the main ClientHub API endpoint. It provides data to the client app during normal operation. - Training:
https://test.bliksundhf.no/clienthub/This is used when the app switches to training mode. Users can activate this mode by clicking the "..." button in the app.
โฑ Lock Timerโ
- Value:
15The app will auto-lock after 15 minutes of inactivity to help protect sensitive data.
๐ Encrypt Databaseโ
- Enabled:
trueThe local SQLite database used by the client app will be encrypted for added security.
๐ Language (Locale)โ
- Current:
enThe app supports multiple languages, including:- English (UK)
- Danish
- Norwegian
- German
- Swedish
๐ Authenticationโ
The app uses OIDC (OpenID Connect) for authentication. It supports two modes:
- Client-side (WebView):
If
ServerSideOIDCAuthenticationis set tofalse, the app handles login inside the client app using WebView. - Server-side (via ClientHub):
If
ServerSideOIDCAuthenticationistrue, the app authenticates through the ClientHub API.
Key Settings:โ
- ServerSideOIDCAuthentication:
falseControls where authentication happens (client or server). - ClientId:
4a821d50-11a1-483f-8782-e865ab3033a1This is the Application (client) ID from Microsoft Entra (Azure AD). - Authority:
https://login.microsoftonline.com/73935988-7e75-46c2-8cc6-d2d91985f67b/v2.0This is the login URL used for authentication. - Scope:
openid profile emailThis must includeopenid(for sign-in) and any other scopes needed for consent. - Claims:
- User ID:
preferred_username - Name:
name - Organization:
extn.OrganizationIdentification
- User ID:
- UseWebView2Login:
trueEnables login using WebView2 inside the app. - EnableAzureSSOExperience:
falseSet totrueto allow SSO using the Windows account. - AdditionalLoginParameters:
Can be used to customize login (e.g.,
&prompt=select_account).
๐ Loggingโ
- Minimum Level:
WarningOnly warnings and more severe messages will be logged. This helps reduce noise and keeps logs focused on important issues.
๐งช Debuggingโ
-
EnableWebViewDebugging:
trueAllows debugging of WebView content during development.Examplesโ
WebView based OIDC loginโ
{
"Version": 2,
"Url": {
"Primary": "https://ewa.releases.bliksundhf.no/main/clienthub/",
"Training": "https://test.bliksundhf.no/clienthub/"
},
"Dataset": "Azure",
"LockTimer": 15,
"EncryptDatabase": true,
"Locale": "en",
"Authentication": {
"ServerSideOIDCAuthentication": false,
"OidcClientOptions": {
"ClientId": "4a821d50-11a1-483f-8782-e865ab3033a1",
"ClientSecret": null,
"Authority": "https://login.microsoftonline.com/73935988-7e75-46c2-8cc6-d2d91985f67b/v2.0",
"Scope": "openid profile api://4a821d50-11a1-483f-8782-e865ab3033a1/Client"
},
"UserIdClaimType": "preferred_username",
"NameClaimType": "name",
"OrganizationClaimType": "extn.OrganizationIdentification",
"CurrentOrganizationId": null,
"UseWebView2Login": true,
"EnableAzureSSOExperience_Comment": "Set to true to enable SSO experience using the logged in-to Windows account",
"EnableAzureSSOExperience": false,
"AdditionalLoginParameters_Comment": "Often used when EnableSSOExperience is set to true to configure the login experience. Examples: &prompt=select_account, &prompt=none, &prompt=login",
"AdditionalLoginParameters": ""
},
"Logging": {
"MinimumLevel": "Warning"
},
"EnableWebViewDebugging": true
}
Browser based OIDC loginโ
{
"Version": 2,
"Url": {
"Primary": "https://ewa.releases.bliksundhf.no/main/clienthub/",
"Training": "https://test.bliksundhf.no/clienthub/"
},
"Dataset": "Azure",
"LockTimer": 15,
"EncryptDatabase": true,
"Locale": "en",
"Authentication": {
"ServerSideOIDCAuthentication": true,
"AdditionalLoginParameters_Comment": "Often used when EnableSSOExperience is set to true to configure the login experience. Examples: &prompt=select_account, &prompt=none, &prompt=login",
"AdditionalLoginParameters": ""
},
"Logging": {
"MinimumLevel": "Warning"
},
"EnableWebViewDebugging": true
}