Settings
Last updated
Last updated
In the 'OAuth/2' - 'Settings' section of the Thinfinity® Configuration Manager 'Authentication' tab, you will find the following options:
General tab
OPTION
DESCRIPTION
Client ID
This client ID identifies Thinfinity® Workspace in the OAuth Server.
Client Secret
This client secret identifies Thinfinity® Workspace in the OAuth Server.
Force approval prompt (Google connection only)
If this option is marked, the user will be always prompted to approve the account integrations, when logging into the application. This option applies only to Google SSO Integration.
Server tab
Server Kind
Choose which kind of OAuth/2 Server you will be configuring.
Select 'GOOGLE' to use Google OAuth 2.0 authentication, or CUSTOM to enter the parameters of another OAuth 2.0 server.
Authorization URL
This is the OAuth 2.0 server address where Thinfinity® Workspace validates the corresponding OAuth 2.0 user. This address is used in combination with the values specified in the 'Other Keys...' field.
Parameters (key1=value1&key2=value2&...)
Complete other keys and their values following the query format specified. They will be sent to the authorization URL.
Most of the times, the OAuth 2.0 servers require a scope that tells what user information Thinfinity® Workspace needs access to in order to perform the user validation. The information specified here will be returned in the profile consultation.
Token Validation Server URL
Profile information server URL
The token received in the Token Validation Server URL is passed onto the Information Server, where the user information is requested. The answer to this request is a JSON object with the user information. This user information is then parsed using the key specified in the 'Login username value at JSON profile' field.
Login username value in returned JSON
If you are using Google OAuth, it's the generated while configuring the Google account integration.
If you are using Google OAuth, it's the generated while configuring google the account integration.
This is the server where the validation code is exchanged for the token that provides access to the user information. The client ID and client secret specified in are sent here.
In here you can specify the name of the value returned by the Profile Information Server in the JSON object that represents the user's login username. This value will be used for mapping in .
