LogoLogo
Download Free TrialLive DemoGet a QuoteContact Us
  • Thinfinity® Workspace
  • About This Document
  • Introduction
  • What's new in Thinfinity® Workspace
  • Architecture
  • Security
  • Getting Started Section
    • Getting Started
    • Installing Thinfinity® Workspace
    • Customizing Thinfinity® Workspace
      • Setting the Access Security Level
        • Access Profiles
          • RDP Profiles
            • Creating an RDP Profile
            • Editing an RDP Profile
            • Disabling an RDP Profile
            • Removing an RDP Profile
            • The "[+]" Profile
          • Web Link Profiles
            • Creating a Web Link Profile
            • Editing a Web Link Profile
            • Disabling a Web Link Profile
            • Removing a Web Link Profile
          • RDS Web Feed Profiles
            • Creating an RDS Web Feed Profile
            • Editing an RDS Web Feed Profile
            • Disabling an RDS Web Feed Profile
            • Removing an RDS Web Feed Profile
          • VNC/RFB Profile
            • Creating a VNC/RFB Profile
            • Editing a VNC/RFB Profile
            • Disabling a VNC/RFB Profile
            • Removing a VNC/RFB Profile
          • Telnet/SSH profile
            • Creating a Telnet/SSH Profile
            • Editing a Telnet/SSH Profile
            • Disabling a Telnet/SSH Profile
            • Removing a Telnet/SSH Profile
      • Testing Internal Access
      • Configuring Internet Access
      • Enabling Remote Sound
      • Mapping Remote Drives
        • Intermediate Disks
        • Shared Folders
    • After Customization
      • Connecting to a Desktop
      • Connecting to an Application
      • Performing a File Transfer
        • Navigating
        • File Options
        • Remote Folder Area Options
        • Downloading and Uploading files
    • Supported RDP Shortcut Keys
    • Using Thinfinity® Workspace for the First Time
      • Verifying the Communication Settings
      • Connecting to a desktop
  • Advanced Settings Section
    • New in Thinfinity® Workspace
      • Web Folder
      • Web VPN
      • Bidirectional Audio Redirection
      • Remote Active Directory
        • How to install and configure Thinfinity® Remote AD Services
        • Active Directory credentials mapping
      • Secondary Broker Pool
        • Architecture
        • How To Install a Secondary Broker
        • How To Add a Pool in the Primary Broker
      • H264 Support
        • How to Enable H264 on your Access Profile
        • Preparing a Remote Desktop for H264 support
      • Web Profile Manager
        • Remote Desktop
        • VNC/RFB
        • Terminal
        • Web Link
        • Web VPN
        • Labels
        • Edit Web Profiles
          • General
          • Display
          • Resources
          • Program
          • Experience
          • Advanced
          • Access Hours
          • Permissions
      • WebBridge - Direct File Transfer
        • How to install Thinfinity® WebBridge
        • WebBridge: User Experience
    • Thinfinity® Configuration Manager
      • General
      • Broker
      • Authentication
        • OAuth/2
          • Methods
          • Settings
          • Mappings
          • Configure OAuth with Okta
          • Configure OAuth with Auth0
        • RADIUS
          • Settings
          • Mappings for SSO
        • TOTP (Time-based One-time Password)
          • TOTP Settings
      • Access Profiles
        • RDP Profile Editor
          • General
            • Setting up a Hyper-V Profile
            • Setting up an RDS Collection Profile
          • Display
          • Resources
          • Program
          • Experience
          • Advanced
          • Printer
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication Methods
        • Web Link Profile Editor
          • General
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication Methods
        • VNC / RFB Profile Editor
          • General
          • Display
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication Methods
        • Telnet/SSH Profile Editor
          • General
          • SSL
          • SSH
          • Display
          • Options
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication Methods
        • Web VPN
          • General
          • Permissions
          • Restrictions
          • Access Hours
          • Authentication Methods
      • Folders
      • Permissions
      • External DLL Authentication Method Settings
      • DUO Authentication Method Settings
        • How to configure DUO
      • SAML Authentication Method Settings
        • Configure SAML with Okta
        • Configure SAML with Centrify
  • Gateway Manager
    • Managing the SSL Certificate
      • The Default Embedded Certificate
      • A Self-Signed Certificate
      • A CA Certificate
  • License Manager
    • License Activation
    • Proxy Activation
    • Get a new Trial Serial Number
    • Activate a Serial Number Online
    • Activate a Serial Number Offline
    • Registering Your License With The License Server Manager
  • Custom Settings
    • Extend the Thinfinity® Workspace Toolbar
  • Customizing the Toolbar
    • Using customsettings.js
    • Using the 'connect' Method
  • Remote FX
  • Save Session
    • Record a Session
    • Play Recorded Sessions
  • Multi-touch Redirection
  • Enhanced Browser and DPI Support
    • Model Inheritance
    • Property Reference
    • The Calculation Process
    • Examples
  • Silent Install Options
  • Credentials Management
    • User-based Access Profiles
    • Credentials Management
  • Customize Translation
  • Mobile Devices Section
    • Mobile Devices
    • Getting into Thinfinity®
    • Mouse Control
    • Keyboards and Toolbars
    • Gestures
    • Disconnecting from Thinfinity®
    • iPad Application
  • Scaling and Load Balancing Section
    • Scaling & Load Balancing
    • Scaling and Load Balancing Configurations
    • Installing Components
    • Configuring a Load Balancing Scenario
    • How to configure your license
  • Integrating Thinfinity® Workspace Section
    • Integrating Thinfinity® Workspace
    • External Authentication
      • Apikey
    • Single sign-on
      • Facebook OAuth Authentication Example
      • Google OAuth/2
        • Google Client ID for Web Applications
      • RADIUS
    • Customizing the Web Interface
      • Changing the Logo
      • Customizing the Web Files
      • Files Location
    • Web Services API
      • Architecture
      • Installing the Web Service
      • Setting up the Communication Settings
      • Profiles Web Service
        • Methods
        • Types
          • The WS Profile type
        • The Demo Applications
      • Analytics Web Service
        • Methods
        • Types
          • WSQueryInfo
          • WSQueryRange
          • WSDBLoginRecord
          • WSSessionRecord
          • WSDBConnectionRecord
          • WSDBBrowserRecord
        • The Demo Application
    • One-Time-URL
      • Configuring the Connection
      • Enabling Features
    • Thinfinity® RemoteAD API reference
    • Thinfinity® REST API Reference
  • User guide Section
    • User Guide
    • Logging In
    • Advanced Web Features
      • Tree View
      • Listing Options
      • Search bar
    • Accessing from Mobile Devices
      • Connecting with Open Parameters
        • General
        • Display
        • Resources
        • Program
        • Experience
        • Advanced
      • Connecting with Profiles
    • Toolbar
      • Actions
      • File Transfer
      • Options
      • Disconnect
    • Features
      • File Transfer
        • Navigating
        • File Options
        • Remote Folder Area Options
        • Downloading and Uploading files
      • Remote Printer
      • Remote Sound
      • Share Session
      • Mapped Drives
      • Analytics
        • Sessions
        • Connections
        • Logins
        • Browsers
        • Filter
        • Configuring MS SQL Server
          • Analytics Tables Reference
    • Disconnecting
Powered by GitBook
On this page
  1. Advanced Settings Section
  2. Thinfinity® Configuration Manager
  3. Authentication
  4. OAuth/2

Settings

PreviousMethodsNextMappings

Last updated 3 years ago

In the 'OAuth/2' - 'Settings' section of the Thinfinity® Configuration Manager 'Authentication' tab, you will find the following options:

General tab

OPTION

DESCRIPTION

Client ID

This client ID identifies Thinfinity® Workspace in the OAuth Server.

Client Secret

This client secret identifies Thinfinity® Workspace in the OAuth Server.

Force approval prompt (Google connection only)

If this option is marked, the user will be always prompted to approve the account integrations, when logging into the application. This option applies only to Google SSO Integration.

Server tab

Server Kind

Choose which kind of OAuth/2 Server you will be configuring.

Select 'GOOGLE' to use Google OAuth 2.0 authentication, or CUSTOM to enter the parameters of another OAuth 2.0 server.

Authorization URL

This is the OAuth 2.0 server address where Thinfinity® Workspace validates the corresponding OAuth 2.0 user. This address is used in combination with the values specified in the 'Other Keys...' field.

Parameters (key1=value1&key2=value2&...)

Complete other keys and their values following the query format specified. They will be sent to the authorization URL.

Most of the times, the OAuth 2.0 servers require a scope that tells what user information Thinfinity® Workspace needs access to in order to perform the user validation. The information specified here will be returned in the profile consultation.

Token Validation Server URL

Profile information server URL

The token received in the Token Validation Server URL is passed onto the Information Server, where the user information is requested. The answer to this request is a JSON object with the user information. This user information is then parsed using the key specified in the 'Login username value at JSON profile' field.

Login username value in returned JSON

If you are using Google OAuth, it's the generated while configuring the Google account integration.

If you are using Google OAuth, it's the generated while configuring google the account integration.

This is the server where the validation code is exchanged for the token that provides access to the user information. The client ID and client secret specified in are sent here.

In here you can specify the name of the value returned by the Profile Information Server in the JSON object that represents the user's login username. This value will be used for mapping in .

Google Client ID
Google Client Secret
the 'Basic' tab
the 'Mapping' tab