OAuth Authentication
  • 20 May 2024
  • 3 Minutes to read
  • PDF

OAuth Authentication

  • PDF

Article summary

OAuth Authentication enables user access to third-party applications without sharing their login credentials, issuing access tokens to grant permission to user accounts.

Add OAuth Authentication

To add a new OAuth Configuration, perform the following steps. 

  1. Navigate to Platform Studio > Access Control Center > Add Authentication > OAuth
  2. Select OAuth from the Authentication Types.
    Figure: OAuth

  3. Click Add OAuth Configuration to add a new instance for Authentication type.
    Figure: Add OAuth

  4. Click Next to move to the next screen to enter the configuration details. 

Create User


If OAuth Tab is selected, then Super Admin should enter the following general properties as shown in the screenshot.
 

Figure: OAuth Configuration screen

 
The table shows the list of attributes for enabling the OAuth Configuration.
Table

Field
Description
NameSpecify a name for the OAuth configuration in the Name field.
Logo*Upload the Logo for SAML configuration here. Choose the image for Logo and click Upload.
Client ID*
Enter the public identifier value for the field. Client ID is the application ID from the Okta portal used to identify and authenticate your application when it communicates with Okta for user authentication and authorization purposes.
Grant Type*Select the Grant Type as Authorization Code or Implicit by expanding the Grant Type dropdown. Grant Type is used to specify the method or flow by which a client application obtains an access token from an OAuth 2.0 authorization server. If you select Authorization Code, the application allows the user to enter the code after logging in. If Implicit is selected, the application immediately gets access to the information after logging in.
Figure: Grant Type
Login URL*
Specify the Login URL under the field. The login URL is where users input their authentication credentials, like usernames and passwords, to access their accounts or protected resources within the system.
Redirect URL*
Type the Redirect URL here. It is the URL used for redirecting the User to a specific page after SSO. This is the same URL you have specified in the Redirect URL field of the Okta portal.
Figure: Redirect URL
Token Endpoint URL*
Specify the Token Endpoint URL under the field. It is a web service that clients (applications) use to request access tokens from the authorization server.
Figure: Token Endpoint URL
User Information Endpoint URL*Enter the User Information Endpoint URL. This endpoint provides a way for client applications to obtain information about the authenticated user after getting an access token.
Figure: User Information Endpoint URL
Issuer* 
Type the URL of the Issuer. It is the URL that identifies your OAuth identity provider.
Response Attribute*
Select the option  Email or User Principal Name or Better by expanding the Response Attribute drop-down list.

If you select Email, when the user authorizes an application using OAuth, they will be asked to grant access to their email address as part of their profile information.

For User Principal Name, the user account name (in an email address format) in an email system should specify the email provider's domain name.

Better: More detailed user information.

Figure: Response Attribute
Scope
Specify the Scope ( openid, profile, email) for the field.
Refresh Redirect URL
Enter the URL for URL for Refresh Redirect for the field.
Figure: Refresh Redirect 
Logo* 

Choose the image for Logo and click the Upload.

Logout URL
Specify the URL for sending a logout request to the OAuth provider to log out from the provider.
Two Factor AuthenticationEnable the check for Two Factor Authentication.Figure: Check box
If you click Two Factor Authentication, you can choose the type of Login Type from the field list.
Figure: Enable Two Factor Authentication
Create UserEnable the box to create user. Specify the Timezone from the drop-down list.
Figure: Timezone
Figure: Timezone list
Select the Roles for the User from the drop-down list.
Figure: Roles

To save the Configuration, click Submit. The Authentication is configured successfully.

Figure: OAuth Configuration


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.