In the 'OAuth/2' - 'Settings' section of the Thinfinity® Configuration Manager 'Authentication' tab, you will find the following options:

General tab



Client ID

This client ID identifies Thinfinity® Workspace in the OAuth Server.

If you are using Google OAuth, it's the Google Client ID generated while configuring the Google account integration.

Client Secret

This client secret identifies Thinfinity® Workspace in the OAuth Server.

If you are using Google OAuth, it's the Google Client Secret generated while configuring google the account integration.

Force approval prompt (Google connection only)

If this option is marked, the user will be always prompted to approve the account integrations, when logging into the application. This option applies only to Google SSO Integration.

Server tab

Server Kind

Choose which kind of OAuth/2 Server you will be configuring.

Select 'GOOGLE' to use Google OAuth 2.0 authentication, or CUSTOM to enter the parameters of another OAuth 2.0 server.

Authorization URL

This is the OAuth 2.0 server address where Thinfinity® Workspace validates the corresponding OAuth 2.0 user. This address is used in combination with the values specified in the 'Other Keys...' field.

Parameters (key1=value1&key2=value2&...)

Complete other keys and their values following the query format specified. They will be sent to the authorization URL.

Most of the times, the OAuth 2.0 servers require a scope that tells what user information Thinfinity® Workspace needs access to in order to perform the user validation. The information specified here will be returned in the profile consultation.

Token Validation Server URL

This is the server where the validation code is exchanged for the token that provides access to the user information. The client ID and client secret specified in the 'Basic' tab are sent here.

Profile information server URL

The token received in the Token Validation Server URL is passed onto the Information Server, where the user information is requested. The answer to this request is a JSON object with the user information. This user information is then parsed using the key specified in the 'Login username value at JSON profile' field.

Login username value in returned JSON

In here you can specify the name of the value returned by the Profile Information Server in the JSON object that represents the user's login username. This value will be used for mapping in the 'Mapping' tab.

Last updated