Difference between revisions of "Oauth2 authentication"
Jump to navigation
Jump to search
old>Admin |
old>Admin |
||
| Line 45: | Line 45: | ||
=== LinkedIn Oauth === | === LinkedIn Oauth === | ||
[https://medium.com/@ellesmuse/how-to-get-a-linkedin-access-token-a53f9b62f0ce Follow the guide] | |||
Copy credentials to | Copy credentials to | ||
| Line 52: | Line 52: | ||
=== Facebook Oauth === | === Facebook Oauth === | ||
[https://developers.facebook.com/docs/facebook-login/access-tokens/] | [https://developers.facebook.com/docs/facebook-login/access-tokens/ Follow the guide] | ||
Copy credentials to | Copy credentials to | ||
| Line 59: | Line 59: | ||
=== Azure Oauth === | === Azure Oauth === | ||
[https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-oauth2] | [https://docs.microsoft.com/en-us/azure/api-management/api-management-howto-oauth2 Follow the guide] | ||
Copy credentials to | Copy credentials to | ||
| Line 66: | Line 66: | ||
=== ADFS Oauth === | === ADFS Oauth === | ||
[https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code] | [https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code Follow the guide] | ||
Copy credentials to | Copy credentials to | ||
* oauthGoogleClient | * oauthGoogleClient | ||
* oauthGoogleSecret | * oauthGoogleSecret | ||
Revision as of 13:02, 11 March 2019
Understanding Oauth 2
Oauth authentication will put icons on the login page for fast and easy SSO wth multiple vendors.
The user will be authenticated if the email matches between the provider and the Tempus Serva user.
The following providors are supported.
- Goole
- Azure
- ADFS
Setting up SingleSignon
Before going into the detailed configuration please make sure https/SSL is enabled.
Set the following configurations to true
- securitySslLogin
- securitySslPages
Google Oauth
Using an existing Google account , go to the [credentials section].
Navigate to "Credentials" in the left menu.
First setup Oauth messages in the Oauth conscent section
- Logo, privacy policies etc. are not required but make things look better
- Note that domain authentication is not required
Next setup setup credentials
- Navigate back to credentials
- Click Create credentials
- Fill out the information
- Authorized JavaScript origins: https://alpha.tempusserva.dk
- Authorized redirect URIs: https://alpha.tempusserva.dk/TempusServa/SignInGoogle
- Credentials are generated
- Copy credentials to your Tempus Serva configuration
- oauthGoogleClient = [Client ID]
- oauthGoogleSecret = [Client secret]
- Finally
- oauthGoogleAllow = true
LinkedIn Oauth
Copy credentials to
- oauthGoogleClient
- oauthGoogleSecret
Facebook Oauth
Copy credentials to
- oauthGoogleClient
- oauthGoogleSecret
Azure Oauth
Copy credentials to
- oauthGoogleClient
- oauthGoogleSecret
ADFS Oauth
Copy credentials to
- oauthGoogleClient
- oauthGoogleSecret