3.26 – OAuth 2.0/Okta integration
You need to register your application before you use OAuth 2.0 integration.
Provider | Registering Address |
---|---|
Google | https://support.google.com/cloud/answer/6158849 |
Windows Live Connect | https://account.live.com/developers/applications http://msdn.microsoft.com/en-us/windowslive/ff769489.aspx |
Use http(s)://gatewayAddress/oauth2callback as the redirect URI.
After registration you'll get a client ID and a client secret. Set them in the oauth2.json configuration file. You can specify the location of oauth2.json in gateway.conf.
Example of oauth2.json:
{
  "providers" : [{
    "name" : "Google",
    "client_id" : "650561938988-t2r66k1ms3hpoi3k1e2g7l2adlarau8s.apps.googleusercontent.com",
    "client_secret" : "-D-nhxWn2E97tZWWLg5IQ6Ak",
    "request_uri" : "https://accounts.google.com/o/oauth2/auth",
    "redirect_uri" : "http://localhost/oauth2callback",
    "access_token_uri": "https://oauth2.googleapis.com/token",
    "auth_uri": "/login_chrome.html",
    "scope": "openid email"
  },
  {
    "name" : "Live",
    "client_id" : "0000000040133A31",
    "client_secret" : "p9WwBr2Pyrq6mtaeZCwTSwqbIF39Br3Z",
    "request_uri" : "https://login.live.com/oauth20_authorize.srf",
    "redirect_uri" : "http://www.remotespark2.com/oauth2callback",
    "access_token_uri": "https://login.live.com/oauth20_token.srf",
    "scope": "wl.emails",
    "profile_uri": "https://apis.live.net/v5.0/me"
  }]
}
Okta SSO
To enable SSO, the Spark View application needs to be configured as a trusted application (Resource Owner Password Flow):
https://developer.okta.com/docs/guides/implement-password/overview/
You don't need to configure request_uri, redirect_uri, or profile_uri for Okta.
Here is an example for Okta:
{
  "providers": [
    {
      "name" : "okta",
      "client_id" : "0000000040133A31",
      "client_secret" : "p9WwBr2Pyrq6mtaeZCwTSwqbIF39Br3Z",
      "access_token_uri": "https://dev-160206.okta.com/oauth2/v1/token",
      "scope": "openid email"
    }
  ]
}
Then log in from http://yourGateway/login_okta.html.
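
A lint for oauth2.json that checks the points made on this page: the /oauth2callback redirect path, the keys Okta does not need, and stray whitespace in endpoint URIs. This is an added example, not part of Spark View; the required-key sets are inferred from the two samples above, the https check is an added hardening assumption, and `lint_oauth2_config` and the sample values are hypothetical.

```python
import json
from urllib.parse import urlsplit

# Key sets inferred from the two samples on this page (an assumption,
# not the gateway's published schema).
COMMON_KEYS = ("name", "client_id", "client_secret", "access_token_uri", "scope")
REDIRECT_FLOW_KEYS = ("request_uri", "redirect_uri")  # not needed for Okta
URI_KEYS = ("request_uri", "redirect_uri", "access_token_uri", "profile_uri")
LOOPBACK = {"localhost", "127.0.0.1", "::1"}


def lint_oauth2_config(text):
    """Return (provider, message) findings for an oauth2.json document."""
    findings = []
    for index, provider in enumerate(json.loads(text).get("providers", [])):
        name = provider.get("name", f"#{index}")
        required = COMMON_KEYS
        if name.lower() != "okta":
            required += REDIRECT_FLOW_KEYS
        for key in required:
            if not provider.get(key):
                findings.append((name, f"missing {key}"))
        for key in (k for k in URI_KEYS if k in provider):
            value = provider[key]
            if value != value.strip():
                findings.append((name, f"{key} has leading or trailing whitespace"))
            parts = urlsplit(value.strip())
            # Hardening assumption: only loopback endpoints may use plain http.
            if parts.scheme != "https" and parts.hostname not in LOOPBACK:
                findings.append((name, f"{key} is not https"))
            if key == "redirect_uri" and parts.path != "/oauth2callback":
                findings.append((name, "redirect_uri path is not /oauth2callback"))
    return findings


# Constructed sample: placeholder credentials and example hosts.
SAMPLE = """
{"providers": [
  {"name": "Google", "client_id": "CLIENT_ID", "client_secret": "CLIENT_SECRET",
   "request_uri": "https://accounts.google.com/o/oauth2/auth",
   "redirect_uri": "http://gateway.example.com/callback",
   "access_token_uri": "https://oauth2.googleapis.com/token",
   "scope": "openid email"},
  {"name": "okta", "client_id": "CLIENT_ID", "client_secret": "CLIENT_SECRET",
   "access_token_uri": " https://example.okta.com/oauth2/v1/token",
   "scope": "openid email"}
]}
"""

if __name__ == "__main__":
    for provider, message in lint_oauth2_config(SAMPLE):
        print(f"{provider}: {message}")
```
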