OAuth 2.0 support in User Management Server

The User Management Server can be configured to support OAuth 2.0 for Single Sign-On (SSO), allowing users to log in directly to the User Management Server after authenticating using OAuth 2.0.

Prerequisites

1. An account with an OAuth 2.0 provider.

2. Register the User Management Server in the OAuth 2.0 provider.

Steps to configure OAuth 2.0 in User Management Server

1. Log in to the User Management Server with the admin credentials.

2. In the left side menu, click Settings, then Authentication, and finally OAuth 2.0.

   

3. Provide the following details in the OAuth 2.0 settings of User Management Server.

   Provider Name	It represents the name of the authentication provider that will be displayed on the login page.
   Provider Logo	It represents the logo of the authentication provider that will be displayed on the login page.
   Authorization Endpoint	It is the endpoint in the provider to authorize the user.
   Token Endpoint Method	It represents the request type to access the token endpoint.
   Token Endpoint	It is the endpoint in the provider that generates the token.
   User Information Endpoint Method	It is the endpoint in the provider to get the user details.
   User Information Endpoint	It represents the request type to access the user information endpoint.
   Client ID	It is a unique identifier provided to each of the applications while registering in the providers.
   Client Secret	It is a secret key that is used to authorize the applications.
   Scopes	It is comma separated lists of identifiers that specifies the access privileges that are being requested from the provider.
   Email	This must be the email of an admin account of the providers.

   

If you need to import the OAuth 2.0 groups, you must configure the group details while saving the OAuth authentication settings.

The following list of OAuth 2.0 providers explains how to connect with the User Management Server:

• Amazon Cognito
• Auth0
• Okta
• OneLogin

Set OAuth 2.0 as default authentication

OAuth 2.0 can be set as the default authentication when OAuth 2.0 settings are enabled.

Follow these steps to configure default authentication:

1. On the settings page, click the Authentication tab and select General.

2. Enable the Enable Default Authentication option and select OAuth 2.0 as the default authentication provider, as shown in the following screenshot.

   

Disabling OAuth 2.0 settings

Disabling the Enable Default Authentication option and then clicking Save will disable the default OAuth 2.0 default authentication.