Login
    Contents x
    OAuth Authentication
    • 20 May 2024
    • 3 Minutes to read
    • Print
    • PDF
    Contents

    OAuth Authentication

    • Updated on 20 May 2024
    • 3 Minutes to read
    • Print
    • PDF
    Article summary

    OAuth Authentication enables user access to third-party applications without sharing their login credentials, issuing access tokens to grant permission to user accounts.

    Add OAuth Authentication

    To add a new OAuth Configuration, perform the following steps. 

    1. Navigate to Platform Studio > Access Control Center > Add Authentication > OAuth
    2. Select OAuth from the Authentication Types.
      Figure: OAuth

    3. Click Add OAuth Configuration to add a new instance for Authentication type.
      Figure: Add OAuth

    4. Click Next to move to the next screen to enter the configuration details. 

    Create User


    If OAuth Tab is selected, then Super Admin should enter the following general properties as shown in the screenshot.
     

    Figure: OAuth Configuration screen

     
    The table shows the list of attributes for enabling the OAuth Configuration.
    Table

    Field
    Description
    NameSpecify a name for the OAuth configuration in the Name field.
    Logo*Upload the Logo for SAML configuration here. Choose the image for Logo and click Upload.
    Client ID*
    Enter the public identifier value for the field. Client ID is the application ID from the Okta portal used to identify and authenticate your application when it communicates with Okta for user authentication and authorization purposes.
    Grant Type*Select the Grant Type as Authorization Code or Implicit by expanding the Grant Type dropdown. Grant Type is used to specify the method or flow by which a client application obtains an access token from an OAuth 2.0 authorization server. If you select Authorization Code, the application allows the user to enter the code after logging in. If Implicit is selected, the application immediately gets access to the information after logging in.
    Figure: Grant Type
    Login URL*
    Specify the Login URL under the field. The login URL is where users input their authentication credentials, like usernames and passwords, to access their accounts or protected resources within the system.
    Redirect URL*
    Type the Redirect URL here. It is the URL used for redirecting the User to a specific page after SSO. This is the same URL you have specified in the Redirect URL field of the Okta portal.
    Figure: Redirect URL
    Token Endpoint URL*
    Specify the Token Endpoint URL under the field. It is a web service that clients (applications) use to request access tokens from the authorization server.
    Figure: Token Endpoint URL
    User Information Endpoint URL*Enter the User Information Endpoint URL. This endpoint provides a way for client applications to obtain information about the authenticated user after getting an access token.
    Figure: User Information Endpoint URL
    Issuer* 
    Type the URL of the Issuer. It is the URL that identifies your OAuth identity provider.
    Response Attribute*
    		Select the option  Email or User Principal Name or Better by expanding the Response Attribute drop-down list.

    If you select Email, when the user authorizes an application using OAuth, they will be asked to grant access to their email address as part of their profile information.

    For User Principal Name, the user account name (in an email address format) in an email system should specify the email provider's domain name.

    Better: More detailed user information.

    Figure: Response Attribute
    Scope
    Specify the Scope ( openid, profile, email) for the field.
    Refresh Redirect URL
    Enter the URL for URL for Refresh Redirect for the field.
    Figure: Refresh Redirect 
    Logo* 

    Choose the image for Logo and click the Upload.

    Logout URL
    Specify the URL for sending a logout request to the OAuth provider to log out from the provider.
    Two Factor AuthenticationEnable the check for Two Factor Authentication.Figure: Check box
    If you click Two Factor Authentication, you can choose the type of Login Type from the field list.
    Figure: Enable Two Factor Authentication
    Create UserEnable the box to create user. Specify the Timezone from the drop-down list.
    Figure: Timezone
    Figure: Timezone list
    Select the Roles for the User from the drop-down list.
    Figure: Roles

    To save the Configuration, click Submit. The Authentication is configured successfully.

    Figure: OAuth Configuration

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout