
Dependency Track OpenID Integration

This document explains how to implement MonoSign with Dependency Track. It covers Single Sign-On and also group mapping for the Dependency Track Application.

Before you continue, it is best to read Dependency Track’s Single Sign-On implementation page first.

Creating an Application on MonoSign

Create your application on MonoSign and configure your access policy. Once it is created, click “Keys” and add a new OpenId / OIDC Access Key.

We will need this information while we configure the Dependency Track app.

You are going to see your configuration for your Dependency Track app as follows;

We are also going to need to configure group mapping for users. Click “Configure” on your OpenId / OIDC key, click “OpenId / OIDC Settings” and scroll down to group mappings.

  1. Set Enable Group Mapping to Yes

  2. Group Mapping Attribute should be “groups” (without quotes)

If you want to filter your groups for mapping, you can use examples as shown on the page.

Once all of this is configured, your MonoSign configuration is complete. Now continue with the Dependency Track app.

Your application needs to have access to groups. If you have not configured this yet, edit your application, go to the “Source, Provider and Profile” tab, and set User Group Access Type to “Assigned Users and Defined Sources”. This means the application can access users’ groups when they sign in.

| Property | Description | Options |
|---|---|---|
| User Access Type | Defines which Users will access this application. | Only Assigned Users; All Users |
| User Group Access Type | Defines the application’s user group access | Only Assigned Users; Assigned Users and Defined Sources; All Users |
| Profile Access Type | Defines Application’s user’s profile access | Restricted - Only restricted user profile attributes; All - All user profile attributes |

Configuring Single Sign-On for Dependency Track

As we mentioned, please check out the Dependency Track’s SSO configuration page first.

You must add your OIDC (OpenId) settings to your API and Frontend application.

The following information is needed for your configuration file or environment file.

API Server

ALPINE_OIDC_ISSUER=https://your-account-url/
ALPINE_OIDC_CLIENT_ID=YOUR-MONOSIGN-APP-CLIENT-ID
ALPINE_OIDC_USERNAME_CLAIM=name
ALPINE_OIDC_TEAMS_CLAIM=groups
ALPINE_OIDC_USER_PROVISIONING=true
ALPINE_OIDC_TEAM_SYNCHRONIZATION=true

Frontend

OIDC_ISSUER=https://your-account-url/
OIDC_CLIENT_ID=9b2809e0-03bd-44fe-92c6-f6e0d3f319cb
OIDC_SCOPE=openid profile email
OIDC_FLOW=
OIDC_LOGIN_BUTTON_TEXT=MonoSign

You can gather this information from your Application Detail page on MonoSign.

Now, you need to configure your Dependency Track application for group mapping. Group mapping defines which MonoSign User Group is mapped to your Dependency Track application group. MonoSign can fetch all your users’ groups from any source like Active Directory, LDAP, or a data store like MSSQL, MySQL, Postgres, etc.

Go to your Dependency Track app’s “Administration, OpenID Connect Groups” and click “Create Group”.

Type your MonoSign Group Name (it can also be your Active Directory or LDAP group name) and click Create. My group name is “Dependency Track Admin” on MonoSign. Map your group to Dependency Track Admin teams. I have mapped my “Dependency Track Admin” group to the “Administrators” team.

Now, go back to MonoSign, grant your users access, and try logging in.

Assign a user to the Dependency Track app

I will give permission to “john.smith” who is my user on MonoSign.

Click Users, then type your user’s name and navigate.

Click “Groups” and “Assign New Group”. Then, search for your group and assign it.

Now, navigate to Applications, search for your Dependency Track app, and assign “john.smith”.

It is done. Now try logging in. Navigate to the “Dependency Track” app. Click MonoSign on the UI.

You will be redirected to MonoSign’s login page if everything is configured correctly. You can log in passwordlessly with your QR code or type your username and password.

When you log in, you will be redirected to Dependency Track as an Administrator.
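If login succeeds but the user does not land in the expected team, the claims in the token are the first thing to check. The Python check below is an added example, not part of the MonoSign or Dependency Track documentation: it decodes an ID token payload and reports whether it carries the issuer, username claim and teams claim named in the API Server settings above, and whether any group matches an OpenID Connect Group created in Dependency Track. The function names and the sample token are constructed for illustration, it assumes the teams claim arrives as a JSON array of strings, and it inspects the token without verifying its signature.

```python
import base64
import json

# Values from the API Server block above; the issuer is the page's placeholder.
SETTINGS = {
    "ALPINE_OIDC_ISSUER": "https://your-account-url/",
    "ALPINE_OIDC_USERNAME_CLAIM": "name",
    "ALPINE_OIDC_TEAMS_CLAIM": "groups",
}

def b64url(data: dict) -> str:
    """Encode a dict as unpadded base64url JSON (used only for the sample)."""
    raw = json.dumps(data).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def decode_payload(jwt: str) -> dict:
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

def check_claims(payload: dict, settings: dict, oidc_groups: set) -> list:
    """List the problems that would break login or team synchronization."""
    problems = []
    # OIDC requires the iss value to match the configured issuer exactly,
    # so a missing or extra trailing slash is enough to fail.
    if payload.get("iss") != settings["ALPINE_OIDC_ISSUER"]:
        problems.append("iss does not exactly match ALPINE_OIDC_ISSUER")
    user_claim = settings["ALPINE_OIDC_USERNAME_CLAIM"]
    if not payload.get(user_claim):
        problems.append(f"username claim '{user_claim}' is missing or empty")
    teams_claim = settings["ALPINE_OIDC_TEAMS_CLAIM"]
    groups = payload.get(teams_claim)
    if not isinstance(groups, list):
        problems.append(f"teams claim '{teams_claim}' is missing or not a list")
    elif not oidc_groups.intersection(groups):
        problems.append("no group matches an OpenID Connect Group in Dependency Track")
    return problems

def sample_token(claims: dict) -> str:
    """Build a constructed, unsigned token so the example runs offline."""
    return ".".join([b64url({"alg": "none"}), b64url(claims), ""])

if __name__ == "__main__":
    token = sample_token({"iss": "https://your-account-url/", "name": "john.smith",
                          "groups": ["Dependency Track Admin"]})
    print(check_claims(decode_payload(token), SETTINGS, {"Dependency Track Admin"}) or "OK")
```

To use it on a real login, pass the ID token captured from your own session to `decode_payload` and the group names you created under “Administration, OpenID Connect Groups” as `oidc_groups`.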
