oAuth

When one or multiple oAuth provider are defined, the user sees them additionally within the login form. When he clicks on the provider, he will be forwarded to the oAuth provider to login with his credentials he has registred with at the provider. After the successfull login the user will be granted access to your Exolynk environment, based upon your custom login logic.

Integrate a oAuth provider

In the following example we integrate GitHub as an example oAuth provider. But every other provider is supported in the same way. First a new authorization provider need to be created within the environment settings. The following attributes need to be provided:

  • Ident -> A unique identifier of the oAuth provider
  • Name -> The name of the provider which will be shown to the user
  • Logo -> A link to the provider Logo which will be shown to the user
  • Auth url -> The authroization url of the oAuth provider
  • Token url -> The access token provider url of the oAuth provider
  • Client ID -> The client id given to you by the oAuth provider
  • Client Secret -> The secret given by the provider to authenticate the connection
  • Application scopes -> Single scopes/rights which we request access for

When a user has successfully perfomed to login over the specified provider, it will return a access token, which can be used to access the providers apis. It's now the responsibility of the script to use the token to identify the user. The script need to return a valid user uuid to login in the specific user. When the script returns with an error or something else, the user will not be logged in.

This configuration allows to implement the following use-cases and more with ease:

  • Login existing users based upon their email/username
  • Create and login new users when they meet specific requirements
  • Notify the oAuth provider about the login attempt to exolynk