OAuth (Open Authorization) is an open standard for token-based authentication and authorization on the Internet.
To set OAuth as authentication, make sure you have administrator rights.
After you have logged in as usual in the login mask with your user credentials, click on your name in the upper right corner and then on the settings.
Switch to the Authentication tab in the upper toolbar.
To add a new authentication mechanism, click on the plus icon in the upper right corner.
General Settings
| Name | Name under which this authentication mechanism settings is saved |
| Priority | The position of the execution of the respective authentication mechanism – the higher the number, the earlier the respective authentication mechanism is used. If same numbers are available, the sequence is determined lexicographically ascending |
| Mechanism | The authentication mechanism |
Mechanism Settings
| Display Name | The Display Name is shown on the login button |
| Client ID | Identifies the application and is defined by the configuration on the OAuth server |
| Client Secret | Authenticates the application and is defined by the configuration on the OAuth server |
| Scope | Determines which rights are gained with the access token, e.g. ‘profile’, ’email’, etc. for gaining rights to access the user profile/user email
Add scope ‘openid’ to add JWT encrypted User Profiles and Claims for OpenID Connect to JSON provided in profile extraxction |
| Authorization Endpoint | The Authorization Endpoint is the URL to which an authorization request is sent |
| Token Endpoint | The Token Endpoint is the URL to which an access token request is sent |
| Logout Endpoint | The Logout URL are executed after logout from Simplifier Administration Interface or App to logout also from all sessions and clients that managed by external identity provider |
| Redirect Endpoint | The Redirect Endpoint is the URL to which the browser is directed after successful authorization. This URL needs to be entered in the OAuth server configuration |
| Additional Query Parameters | It is possible to add Additional Query Parameters, such as name and value |
| Icon | The icon will be displayed on the login mask above the display name |
| Profile URL | The URL to which a user profile request is sent |
| Profile Path | The path which points to the user profile, e.g. ‘/’, ‘profile’,’profiles[1]’ etc. |
| Profile Verb | GET, POST, PUT |
