Identity Broker Service

3. OAuth Integration

This document is about configuring Single Sign-On (SSO) Settings for OAuth Integration. The OAuth Server is created in WordPress by virtue of which, the user can work with OAuth2 compliant client. These client applications can be Salesforce, Slack or any other third party applications which support OAuth Server allows Single Sign On to client applications with WordPress credentials.

Configure Single Sign-On (SSO) Settings for OAuth Integration :

  • To configure and use miniOrange OAUTH Broker services, you can create a business free trial account here.
  • Login to miniOrange console.
  • Go to Identity Providers from side menu.
  • Click on Add Identity Source.
  • Select OAuth, enter all the required fields and click on SAVE button.

For Facebook:

  • Leave the Scope field empty.
  • Create Developers account with Facebook.
  • Create an App here.
  • Under “Tell us about your website” section, enter
    https://login.xecurify.com/moas/oauth/client/callback in the Site URL field
  • Collect App ID and App Secret by navigating to My Apps ->(Your App name).
  • Enter the App ID and App Secret in Client ID and Client Secret field respectively under Apps -> Add App
    Credentials
    .
  • Click on SAVE button to add the Facebook App.
  • Now to integrate Login With Facebook, add a button and add the following URL to it.
    https://login.xecurify.com/moas/oauth/client/authorize?token=token&id=
    customer_key&encrypted=<true,false&gt&app=facebook_oauth&returnurl=return_url

For Google:

  • Enter https://www.googleapis.com/auth/plus.login in the Scope field.
  • Visit the Google website for developers console.developers.google.com
  • At Google, create a new Project and enable the Google+ API. This will enable your site to access the
    Google+ API
  • At Google, provide https://login.xecurify.com/moas/oauth/client/callbackfor the new Project’s
    Redirect URI
  • At Google, you must also configure the Consent Screen with your Email Address and Product Name. This is
    what Google will display to users when they are asked to grant access to your site/app
  • At Google, under APIs & auth -> Credentials get Client Id by clicking on the button Create Client
    Id.
  • Collect the Client ID and Client Secret
  • Enter the App ID and App Secret in Client ID and Client Secret field respectively under Apps -> Add App
    Credentials
    .
  • Click on SAVE button to add the Google App.
  • Now to integrate Login With Google, add a button and add the following URL to it.

    https://login.xecurify.com/moas/oauth/client/authorize?token=token&id=customer_key&encrypted=<true,false&gt&app=google_oauth&returnurl=return_url

For LinkedIn:

  • Leave the Scope field empty.
  • If you have not already done so, create an
    application
    . If you have an existing application, select it to modify its settings.
  • After app creation, collect Client ID and CLient Secret from here.
  • Enter https://login.xecurify.com/moas/oauth/client/callback in Authorized Redirect URLs and
    click on Add button.
  • Now click on Update button to save settings.
  • Enter the Client ID and Client Secret in Client ID and Client Secret field respectively under Apps -> Add
    App Credentials
    .
  • Click on SAVE button to add the LinkedIn.
  • Now to integrate Login With LinkedIn, add a button and add the following URL to it.

    https://login.xecurify.com/moas/oauth/client/authorize?token=##token##&id=##customer_key##&encrypted=<true,false>&app=linkedin_oauth&returnurl=##return_url##

-token in above URL can be encrypted or unencrypted. The token should contain Client Id (You received from EVE Online), timestamp and API Key (The Customer API Key you collected above) separated by colon.
-customer_key is the Customer Key you collected above Value of encrypted value can be true or false depending on, if the token is encrypted or not.
-return_url will be the URL where you want to redirect the user after Login with EVE Online.