Page Comparison

OAuth 2.0 is an authorization framework that is capable of providing a way for clients to access a resource with restricted access on behalf of the resource owner. OAuth 2.0 is capable of authorizing the flows for web applications, desktop applications, and mobile applications among others.

...

Sign in. Enter your username and password to log on to the Management Console.
Navigate to the Main menu to access the Identity menu. Click Add under Identity Providers.
For more information, see Adding and Configuring an Identity Provider.
Fill in the details in the Basic Information section.
Expand the Federated Authenticators section and then the OAuth2/OpenID Connect Configuration form.

Fill in the following fields where relevant.

Prior to this, you need to configure an application for Identity server in the federated authorization server and get the application information such as client ID and secret. For more information, see configuring OAuth2-OpenID Connect single sign-on.

Field	Description	Sample value
Enable OAuth2/OpenIDConnect	Selecting this option enables OAuth2/OpenID Connect to be used as an authenticator for users provisioned to the Identity Server.	Selected
Default	Selecting the Default check box signifies that the OAuth2/OpenID Connect credentials are the main/default form of authentication. This removes the selection made for any other Default checkboxes for other authenticators.	Selected
Authorization Endpoint URL	This is a standard OAuth Authorization Endpoint URL of the federated IDP.	https://localhost:9443/oauth2/authorize/
Token Endpoint URL	This is a standard OAuth Token Endpoint URL of the federated IDP.	https://localhost:9443/oauth2/token/
Client Id	Client ID of the application you registered in the IDP for Identity server.	1421263438188909
Client Secret	Client Secret of the application you registered in the IDP for Identity server. Click the Show button to view the value you enter.	12ffb4dfb2fed67a00846b42126991f8
Callback URL	This is the URL to which the browser should be redirected after the authentication is successful. It should be the commonauth endpoint of Identity server	https://localhost:9443/commonauth
OpenID Connect User ID Location	Select whether the User ID is found in the 'sub' attribute that is sent with the OpenID Connect request or if it is found among claims.	User ID found in 'sub' attribute
Additional Query Parameters	This is necessary if you are connecting to another Identity Server or application. Sometimes extra parameters are required by this IS or application so these can be specified here.	paramName1=value1

Panel

title	Related Topics

Identity Federation is part of the process of configuring an identity provider. For more information on how to configure an identity provider, see Configuring an Identity Provider.
See Log in to into Identity Server using another Identity Server - OAuth2 for a sample of using OAuth2/OpenIDConnect for federated authentication.

Versions Compared

Old Version 1

New Version Current

Key