LogoLogo
Download Free TrialLive DemoGet a QuoteContact Us
  • Thinfinity® Workspace
  • About This Document
  • Introduction
  • What's new in Thinfinity® Workspace
  • Architecture
  • Security
  • Getting Started Section
    • Getting Started
    • Installing Thinfinity® Workspace
    • Customizing Thinfinity® Workspace
      • Setting the Access Security Level
        • Access Profiles
          • RDP Profiles
            • Creating an RDP Profile
            • Editing an RDP Profile
            • Disabling an RDP Profile
            • Removing an RDP Profile
            • The "[+]" Profile
          • Web Link Profiles
            • Creating a Web Link Profile
            • Editing a Web Link Profile
            • Disabling a Web Link Profile
            • Removing a Web Link Profile
          • RDS Web Feed Profiles
            • Creating an RDS Web Feed Profile
            • Editing an RDS Web Feed Profile
            • Disabling an RDS Web Feed Profile
            • Removing an RDS Web Feed Profile
          • VNC/RFB Profile
            • Creating a VNC/RFB Profile
            • Editing a VNC/RFB Profile
            • Disabling a VNC/RFB Profile
            • Removing a VNC/RFB Profile
          • Telnet/SSH profile
            • Creating a Telnet/SSH Profile
            • Editing a Telnet/SSH Profile
            • Disabling a Telnet/SSH Profile
            • Removing a Telnet/SSH Profile
      • Testing Internal Access
      • Configuring Internet Access
      • Enabling Remote Sound
      • Mapping Remote Drives
        • Intermediate Disks
        • Shared Folders
    • After Customization
      • Connecting to a Desktop
      • Connecting to an Application
      • Performing a File Transfer
        • Navigating
        • File Options
        • Remote Folder Area Options
        • Downloading and Uploading files
    • Supported RDP Shortcut Keys
    • Using Thinfinity® Workspace for the First Time
      • Verifying the Communication Settings
      • Connecting to a desktop
  • Advanced Settings Section
    • New in Thinfinity® Workspace
      • Web Folder
      • Web VPN
      • Bidirectional Audio Redirection
      • Remote Active Directory
        • How to install and configure Thinfinity® Remote AD Services
        • Active Directory credentials mapping
      • Secondary Broker Pool
        • Architecture
        • How To Install a Secondary Broker
        • How To Add a Pool in the Primary Broker
      • H264 Support
        • How to Enable H264 on your Access Profile
        • Preparing a Remote Desktop for H264 support
      • Web Profile Manager
        • Remote Desktop
        • VNC/RFB
        • Terminal
        • Web Link
        • Web VPN
        • Labels
        • Edit Web Profiles
          • General
          • Display
          • Resources
          • Program
          • Experience
          • Advanced
          • Access Hours
          • Permissions
      • WebBridge - Direct File Transfer
        • How to install Thinfinity® WebBridge
        • WebBridge: User Experience
    • Thinfinity® Configuration Manager
      • General
      • Broker
      • Authentication
        • OAuth/2
          • Methods
          • Settings
          • Mappings
          • Configure OAuth with Okta
          • Configure OAuth with Auth0
        • RADIUS
          • Settings
          • Mappings for SSO
        • TOTP (Time-based One-time Password)
          • TOTP Settings
      • Access Profiles
        • RDP Profile Editor
          • General
            • Setting up a Hyper-V Profile
            • Setting up an RDS Collection Profile
          • Display
          • Resources
          • Program
          • Experience
          • Advanced
          • Printer
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication Methods
        • Web Link Profile Editor
          • General
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication Methods
        • VNC / RFB Profile Editor
          • General
          • Display
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication Methods
        • Telnet/SSH Profile Editor
          • General
          • SSL
          • SSH
          • Display
          • Options
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication Methods
        • Web VPN
          • General
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication Methods
      • Folders
      • Permissions
      • External DLL Authentication Method Settings
      • DUO Authentication Method Settings
        • How to configure DUO
      • SAML Authentication Method Settings
        • Configure SAML with Okta
        • Configure SAML with Centrify
  • Gateway Manager
    • Managing the SSL Certificate
      • The Default Embedded Certificate
      • A Self-Signed Certificate
      • A CA Certificate
  • License Manager
    • License Activation
    • Proxy Activation
    • Get a new Trial Serial Number
    • Activate a Serial Number Online
    • Activate a Serial Number Offline
    • Registering Your License With The License Server Manager
  • Custom Settings
    • Extend the Thinfinity® Workspace Toolbar
  • Customizing the Toolbar
    • Using customsettings.js
    • Using the 'connect' Method
  • Remote FX
  • Save Session
    • Record a Session
    • Play Recorded Sessions
  • Multi-touch Redirection
  • Enhanced Browser and DPI Support
    • Model Inheritance
    • Property Reference
    • The Calculation Process
    • Examples
  • Silent Install Options
  • Credentials Management
    • User-based Access Profiles
    • Credentials Management
  • Customize Translation
  • Mobile Devices Section
    • Mobile Devices
    • Getting into Thinfinity®
    • Mouse Control
    • Keyboards and Toolbars
    • Gestures
    • Disconnecting from Thinfinity®
    • iPad Application
  • Scaling and Load Balancing Section
    • Scaling & Load Balancing
    • Scaling and Load Balancing Configurations
    • Installing Components
    • Configuring a Load Balancing Scenario
    • How to configure your license
  • Integrating Thinfinity® Workspace Section
    • Integrating Thinfinity® Workspace
    • External Authentication
      • Apikey
    • Single sign-on
      • Facebook OAuth Authentication Example
      • Google OAuth/2
        • Google Client ID for Web Applications
      • RADIUS
    • Customizing the Web Interface
      • Changing the Logo
      • Customizing the Web Files
      • Files Location
    • Web Services API
      • Architecture
      • Installing the Web Service
      • Setting up the Communication Settings
      • Profiles Web Service
        • Methods
        • Types
          • The WS Profile type
        • The Demo Applications
      • Analytics Web Service
        • Methods
        • Types
          • WSQueryInfo
          • WSQueryRange
          • WSDBLoginRecord
          • WSSessionRecord
          • WSDBConnectionRecord
          • WSDBBrowserRecord
        • The Demo Application
    • One-Time-URL
      • Configuring the Connection
      • Enabling Features
    • Thinfinity® RemoteAD API reference
    • Thinfinity® REST API Reference
  • User guide Section
    • User Guide
    • Logging In
    • Advanced Web Features
      • Tree View
      • Listing Options
      • Search bar
    • Accessing from Mobile Devices
      • Connecting with Open Parameters
        • General
        • Display
        • Resources
        • Program
        • Experience
        • Advanced
      • Connecting with Profiles
    • Toolbar
      • Actions
      • File Transfer
      • Options
      • Disconnect
    • Features
      • File Transfer
        • Navigating
        • File Options
        • Remote Folder Area Options
        • Downloading and Uploading files
      • Remote Printer
      • Remote Sound
      • Share Session
      • Mapped Drives
      • Analytics
        • Sessions
        • Connections
        • Logins
        • Browsers
        • Filter
        • Configuring MS SQL Server
          • Analytics Tables Reference
    • Disconnecting
Powered by GitBook
On this page
  1. Advanced Settings Section
  2. Thinfinity® Configuration Manager
  3. Authentication
  4. OAuth/2

Mappings

PreviousSettingsNextConfigure OAuth with Okta

Last updated 3 years ago

In the 'OAuth/2' - 'Mappings' section of the Thinfinity® Configuration Manager's 'Authentication' tab, you will link your OAuth/2 users to Active Directory users or groups. In this way, you tell Thinfinity® Workspace that users that authenticate with certain OAuth/2 user are to be shown certain profiles, the profiles that are available for the Active Directory user(s)/group(s) you selected to link them with. That is, to complete this process you have to link the Active Directory user(s)/group in this tab to the Active Directory user(s)/group of the profile you want to enable for a certain OAuth/2 user.

The 'Mappings' tab can be organized in two different ways. By pressing the 'Switch base' button, you select whether you prefer to see a list of Remote Usernames above, that you will map with the Associated User(s)/Group(s) Access below, or a list of Associated User(s)/Group(s) Access that you will map with the Remote Username list below. This doesn't change the way it works, only the way it is shown. You might want to think that a certain remote username has several Active Directory groups it's associated with and thus choose to see the remote users above, or you might prefer to see, for example, a list of Active Directory users and link each of them with several remote users. You can try, and even go back and forth as you add users and decide which way works best for you. Switching the base doesn't change the users and their mapping.

OPTION

DESCRIPTION

Switch Base

Press to change the order in which the 'Authentication ID Mask and the 'Associated Permissions' boxes will be shown. This doesn't affect the configuration, only the view.

Authentication ID Mask

List of the remote users.

Enabled: Select an user on the list and uncheck the 'Enabled' field if you want to disable the access of this specific remote user.

Associated Permissions

List of Active Directory Users and Groups.

Add: If the 'Associated Permissions' box is above, adds a user to later on select and associate with a remote user. If the Associated Permissions box is below the 'Authentication ID Mask' box, maps this user to the selected remote user above.

Remove: If the 'Associated Permissions' box is above, it deletes this user and their mappings from the mapping tab. If the 'Associated Permissions' box is below the 'Authentication ID Mask' box, it disassociates this Active Directory user from the remote user selected above.

In the credentials tab, you will find the following options:

OPTION

DESCRIPTION

Username

Stores a valid Windows Username.

Used when using an External Authentication and profiles with "Use the Authenticated Credentials" option.

Password

Stores a valid Windows Username's password.

Used when using an External Authentication and profiles with "Use the Authenticated Credentials" option.

Test

Verifies the stored credentials.

Remove

Removes the stored credentials.

Always remember to press "Apply" in order to save the changes.

Add: Add a new remote user (). If the 'Authentication ID Mask' box is above the the Associated Permissions box, you will then need to select it and add an Associated Permission to it. Otherwise, if the 'Authentication ID Mask' box is below the 'Associated Permissions' box, the remote user added will be mapped with the Active Directory User selected in the box above.

Remove: Select a user and click on the 'Remove' button to take out this remote user from the , when the 'Authentication ID Mask' box is above the Associated User/Group Access box. This will also remove the mappings. If the 'Authentication ID Mask' box is below the 'Associated Permissions' box, you will instead remove the user from the mapping with the Active Directory user/group selected above.

SSO
SSO authentication control