Register your site at https://cilogon.org/oauth2/register to obtain your client_id and client_secret.
Client Name: The name of your Drupal site.
Contact email: Contact address of your site administrator.
Callback URLs: Use https://example.com/openid-connect/generic as the callback URL (where example.com is your site's base path). Your callback URL must use HTTPS.
Scopes: openid, email, and profile
Install the Drupal OpenID Connect module on your site, then configure it (at https://example.com/admin/config/services/openid-connect) for the "Generic" provider:
Client ID: The client_id provided by CILogon at registration time.
Client secret: The client_secret provided by CILogon at registration time.
Authorization endpoint: https://cilogon.org/authorize
Token endpoint: https://cilogon.org/oauth2/token
UserInfo endpoint: https://cilogon.org/oauth2/userinfo
Any questions? Contact firstname.lastname@example.org.