WHMCS Admin OIDC Single Sign-On

Installation

IMPORTANT NOTICE: Time must be synced with the OIDC server or you may not be able to login.

1. Copy the admin directory. If you are using custom templates, check the templates folder on how to customize.

   • Login Page:
   • Auth Confirmation Page:

2. Add to WHMCS main configuration.php:

SSO Configuration

Fields (attributes) used: Ensure OIDC Server responds with these 4:

• email
• firstname
• lastname
• username

Scopes: openid profile email

Features

• Auto provision new users (Also de-provision: If a user gets deleted/disabled on OIDC, they won't be able to login to WHMCS).
• 2FA Works.
• Normal login still works.
• Password is randomly generated on user login. Users unfortunately will not be able to edit information under My Account.
• You can set the user role to the lowest and manually change it later.
• Supports third-party and custom themes. Just need to add two buttons: one on the Login template and one on the Auth Confirm template.
• Auto redirect to SSO Provider after 10 seconds, with a progress bar and cancel option.