Single Sign On

Setup Single Sign On for OAuth apps

0 views June 4, 2019 September 4, 2019 0

miniOrange provides Single Sign-on for OAuth apps. OAuth (Open Authorization) is an open standard for token-based authentication and authorization. OAuth allows an end user’s account information to be used by third-party services, such as Facebook, without exposing the user’s password. It acts as an intermediary on behalf of the end user, providing the service with an access token that authorizes specific account information to be shared.

miniOrange provides a solution to perform single sign-on(SSO) for application supporting OAuth protocol like Salesforce, WordPress, Joomla, Atlassian, Azure AD, Reddit, Spotify, Paypal, WHMCS, slack, discord, etc.

Configure Single Sign-On (SSO) Settings for OAuth Apps:

  1. Login as a customer from Admin Console.
  2. Go to Apps >> Manage Apps. Click Configure Apps button.
  3. Click on OAuth/OIDC tab. Select Custom Open ID Connect App and click on the App.
  4. You can add any OAuth Client app here to enable miniOrange as OAuth Server. Few popular OAuth client apps for single sign-on are Salesforce, WordPress, Joomla, Atlassian, etc.
    oauth ssop
  5. Enter the Client Name.
  6. Make sure Redirect-URL is in this format https://<mycompany.domain-name.com>.
  7. Add Description if you required.
    oauth sso
  8. Click on Save button.

 

You can edit Application by using the following steps:

  • Login as a customer from the Admin Console.
  • Go to Apps >> Manage Apps.
  • Search for your app and Click on edit in Action menu against your app.
    oauth sso
  • Provide the required settings:
    Application Name  Enter Application Name
    Client Name  Enter Client Name
    Redirect URI  https://<mycompany.domainname.com>/<customerid>
    Client ID  Enter Client ID
    OAuth Token Authorize URL  https://<mycompany.domainname.com>/moas/idp/openidsso -Use this enpoint only if you want to use miniorange as oauth identity server.
    https://<mycompany.domainname.com>/<customerid>-Use this enpoint only if you are configuring any Identity Provider in Identity Providers Menu and not using miniorange as IDP.
    OAuth Token Endpoint URL  https://<mycompany.domainname.com>/moas/rest/oauth/token
    OAuth User Info Endpoint URL  https://<mycompany.domainname.com>/moas/rest/oauth/getuserinfo