- 20 May 2024
- 3 Minutes to read
- Print
- PDF
OAuth Authentication
- Updated on 20 May 2024
- 3 Minutes to read
- Print
- PDF
OAuth Authentication enables user access to third-party applications without sharing their login credentials, issuing access tokens to grant permission to user accounts.
Add OAuth Authentication
To add a new OAuth Configuration, perform the following steps.
- Navigate to Platform Studio > Access Control Center > Add Authentication > OAuth.
- Select OAuth from the Authentication Types.
Figure: OAuth - Click Add OAuth Configuration to add a new instance for Authentication type.
Figure: Add OAuth - Click Next to move to the next screen to enter the configuration details.
Create User
If OAuth Tab is selected, then Super Admin should enter the following general properties as shown in the screenshot.
Figure: OAuth Configuration screen
The table shows the list of attributes for enabling the OAuth Configuration.
Table
Field | Description |
---|---|
Name | Specify a name for the OAuth configuration in the Name field. |
Logo* | Upload the Logo for SAML configuration here. Choose the image for Logo and click Upload. |
Client ID* | Enter the public identifier value for the field. Client ID is the application ID from the Okta portal used to identify and authenticate your application when it communicates with Okta for user authentication and authorization purposes. |
Grant Type* | Select the Grant Type as Authorization Code or Implicit by expanding the Grant Type dropdown. Grant Type is used to specify the method or flow by which a client application obtains an access token from an OAuth 2.0 authorization server. If you select Authorization Code, the application allows the user to enter the code after logging in. If Implicit is selected, the application immediately gets access to the information after logging in. Figure: Grant Type |
Login URL* | Specify the Login URL under the field. The login URL is where users input their authentication credentials, like usernames and passwords, to access their accounts or protected resources within the system. |
Redirect URL* | Type the Redirect URL here. It is the URL used for redirecting the User to a specific page after SSO. This is the same URL you have specified in the Redirect URL field of the Okta portal. Figure: Redirect URL |
Token Endpoint URL* | Specify the Token Endpoint URL under the field. It is a web service that clients (applications) use to request access tokens from the authorization server. Figure: Token Endpoint URL |
User Information Endpoint URL* | Enter the User Information Endpoint URL. This endpoint provides a way for client applications to obtain information about the authenticated user after getting an access token. Figure: User Information Endpoint URL |
Issuer* | Type the URL of the Issuer. It is the URL that identifies your OAuth identity provider. |
Response Attribute* | Select the option Email or User Principal Name or Better by expanding the Response Attribute drop-down list. If you select Email, when the user authorizes an application using OAuth, they will be asked to grant access to their email address as part of their profile information. For User Principal Name, the user account name (in an email address format) in an email system should specify the email provider's domain name. Better: More detailed user information. Figure: Response Attribute |
Scope | Specify the Scope ( openid, profile, email) for the field. |
Refresh Redirect URL | Enter the URL for URL for Refresh Redirect for the field. Figure: Refresh Redirect |
Logo* | Choose the image for Logo and click the Upload. |
Logout URL | Specify the URL for sending a logout request to the OAuth provider to log out from the provider. |
Two Factor Authentication | Enable the check for Two Factor Authentication.Figure: Check box If you click Two Factor Authentication, you can choose the type of Login Type from the field list. Figure: Enable Two Factor Authentication |
Create User | Enable the box to create user. Specify the Timezone from the drop-down list. Figure: Timezone Figure: Timezone list Select the Roles for the User from the drop-down list. Figure: Roles |
To save the Configuration, click Submit. The Authentication is configured successfully.
Figure: OAuth Configuration