Oauth2 authentication

From TempusServa wiki
Revision as of 13:02, 11 March 2019 by old>Admin
Jump to navigation Jump to search

Understanding Oauth 2

Oauth authentication will put icons on the login page for fast and easy SSO wth multiple vendors.

The user will be authenticated if the email matches between the provider and the Tempus Serva user.

The following providors are supported.

  • Goole
  • LinkedIn
  • Facebook
  • Azure
  • ADFS

Setting up SingleSignon

Before going into the detailed configuration please make sure https/SSL is enabled.

Set the following configurations to true

  • securitySslLogin
  • securitySslPages

Google Oauth

Using an existing Google account , go to the [credentials section].

Navigate to "Credentials" in the left menu.

First setup Oauth messages in the Oauth conscent section

  • Logo, privacy policies etc. are not required but make things look better
  • Note that domain authentication is not required

Next setup setup credentials

  1. Navigate back to credentials
  2. Click Create credentials
  3. Fill out the information
  4. Credentials are generated
  5. Copy credentials to your Tempus Serva configuration
    • oauthGoogleClient = [Client ID]
    • oauthGoogleSecret = [Client secret]
  6. Finally
    • oauthGoogleAllow = true


LinkedIn Oauth

Follow the guide

Copy credentials to

  • oauthGoogleClient
  • oauthGoogleSecret

Facebook Oauth

Follow the guide

Copy credentials to

  • oauthGoogleClient
  • oauthGoogleSecret

Azure Oauth

Follow the guide

Copy credentials to

  • oauthGoogleClient
  • oauthGoogleSecret

ADFS Oauth

Follow the guide

Copy credentials to

  • oauthGoogleClient
  • oauthGoogleSecret