Server Administration Application – Configuring OAuth


Introduction

OAuth Configuration Properties

Additional Authorization Parameters Properties

 

See also: Server Administration Application Home Page, REST Overview, Working with REST Web Service Resources, REST Web Service Security, Using OAuth Security, OpenID Connect Configuration

Introduction

OAuth configurations are created and maintained on the server using the Server Administration web application. They are saved in the oauthConfigurations folder inside the web application's ebaseConf folder, e.g. userdata/apps/<webappname>/ebaseConf/oauthConfigurations. These files can be copied between servers if required.

 

An OAuth configuration represents an authorization server that requires OAuth authentication.

 

OAuth configurations can be used by:

 

 

 

 

OAuth Configuration Properties

 

 

 

The following are common properties – applicable to all authorization types.

OAuth Name

OAuth configuration name.

Description

An optional description.

Authorization type

Can be set to:

  • Authorization Code Grant
  • Resource Owner Password Credentials Grant
  • Client Credentials Grant

See OAuth 2.0 for details of these Authorization types. If this OAuth Configuration is being used for OpenID Connect, the type is usually Authorization Code Grant.

Token request URL

Specifies the URL to request the access token.

Client id

The client id as issued by the authorization server.

Secret key

The secret key as issued by the authorization server.

Send Access Token as

The OAuth access token can be sent with the HTTP request either as an HTTP header or as a POST/query parameter. Select the method required by the authentication specification of the server being called.

Scope

A list of scopes specific to the authorization server.

 

 

The following additional properties apply to Authorization type Authorization Code Grant:

Authorization URL

Specifies the URL to the authorization server.

Redirect URI

This field is for information only and shows the redirect URI created by the system. Enter this value into the third-party OAuth provider's configuration.

 

 

The following additional properties apply to Authorization type Resource Owner Password Credentials Grant:

Username

Username to authenticate.

Password

Password to authenticate.

 

 

 

The Username, Password and Scope properties can be overridden by entering the values into the REST Web Service Security dialog or by calling the JavaScript method HttpAuthentication.createOAuthAuthentication(name, scope, username, password).
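How the properties above map onto OAuth 2.0 requests as defined in RFC 6749 and RFC 6750, shown as an added example that is not the product's own code or API. The config object, its field names, the URLs, the credentials and the sendAs values ("header", "query") are constructed for illustration, and only the query form of the Post/Query option is modelled.

```javascript
// Added illustration, not product code. All values are constructed placeholders.
const config = {
  authorizationType: "Resource Owner Password Credentials Grant",
  tokenRequestUrl: "https://auth.example.test/oauth/token",
  clientId: "example-client",
  secretKey: "example-secret",
  scope: ["read", "write"],
  redirectUri: "https://app.example.test/oauth/callback", // Authorization Code Grant only
  username: "alice",                                       // password grant only
  password: "constructed-password",                        // password grant only
};
const GRANT_TYPES = {
  "Authorization Code Grant": "authorization_code",
  "Resource Owner Password Credentials Grant": "password",
  "Client Credentials Grant": "client_credentials",
};
// Build the POST sent to the Token request URL for the configured authorization type.
function buildTokenRequest(cfg, authorizationCode) {
  const grantType = GRANT_TYPES[cfg.authorizationType];
  if (!grantType) throw new Error("Unknown authorization type: " + cfg.authorizationType);
  const body = new URLSearchParams({ grant_type: grantType });
  if (grantType === "authorization_code") {
    // Scope was already sent to the Authorization URL; the token request carries the code.
    if (!authorizationCode) throw new Error("Authorization code required");
    body.set("code", authorizationCode);
    body.set("redirect_uri", cfg.redirectUri);
  } else {
    if (grantType === "password") {
      body.set("username", cfg.username);
      body.set("password", cfg.password);
    }
    if (cfg.scope.length > 0) body.set("scope", cfg.scope.join(" "));
  }
  // Client id and secret key travel in an HTTP Basic header, not in the URL.
  const pair = encodeURIComponent(cfg.clientId) + ":" + encodeURIComponent(cfg.secretKey);
  const headers = { Authorization: "Basic " + Buffer.from(pair).toString("base64"),
                    "Content-Type": "application/x-www-form-urlencoded" };
  return { method: "POST", url: cfg.tokenRequestUrl, headers, body: body.toString() };
}
// "Send Access Token as": sendAs is "header" or "query" (hypothetical option names).
function attachAccessToken(resourceUrl, token, sendAs) {
  if (sendAs === "header") {
    return { url: resourceUrl, headers: { Authorization: "Bearer " + token } };
  }
  if (sendAs !== "query") throw new Error("Unknown send mode: " + sendAs);
  const url = new URL(resourceUrl);
  url.searchParams.set("access_token", token); // URL form: visible to logs and proxies
  return { url: url.toString(), headers: {} };
}
```

A token sent as a query parameter becomes part of the URL and is therefore recorded in web server logs, proxy logs and browser history; RFC 6750 recommends the Authorization header whenever the resource server accepts it.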

 

 

Additional Authorization Parameters Properties

Add additional parameters specific to the Authorization Code type. The parameters are added to the request when calling the authorization URL. These additional parameters can be overridden by entering the values into the REST Web Service Security dialog or by calling the JavaScript method HttpAuthentication.createOAuthAuthentication(name, scope, username, password, additionalParameters).