Create an OAuth2.0 Connector

Parent Previous Next
  1. The OAuth2.0 connector allows you to easily connect SigningHub with any third-party authentication service that supports OAuth2.0 protocol like Google, LinkedIn, SalesForce, and Facebook. The "Auth URL" provided in the connector will be used for identifying the third-party service configured in the connector and then authenticating the end users a the time of both logging into SigningHub and performing signatures. 

    Create an OAuth2.0 connector:

             
  2. From the left menu, click "Configurations".
  3. Click "Connectors" .
  4. From the top right corner of the connectors list, click .
    The Add Connector dialog is displayed.

     

    The Add Connector dialog is a step-wise wizard consisting of the following the steps for configuring the connector:

    1) Basic Information 
    2) Details 

    On the Basic Information section:

  5. Type in a unique Name for the connector.
  6. Select "OAuth2.0" in the Provider field.
  7. Click Next.

    The following image illustrates an example of information entered on the dialog.



    On the Details section:

         
  1. Specify the fields as required by the third-party service; leave the rest empty.
  2. Click Finish.
    The OAuth2.0 connector has been added and can be used in an authentication profile.

    The following image illustrates the example information entered on the "Details" section of the dialog. 


The following table describes the fields on the "Basic Information" section of this dialog.


Basic Information Section

Fields

Description

Name

Specify a unique name for this connector, i.e. My Google. This connector will be used in the configuration of Authentication Profiles.  

Provider

Select the provider for this connector, i.e. "OAuth2.0". 

Purpose

This field will display the purpose of the selected provider above, i.e. the purpose of "OAuth2.0" is "Authentication".

Active

Select to make this connector active. Keep the check box empty to make the connector In-active. An inactive connector cannot be configured in the Authentication Profiles.

Next

Displays the "Details" section. 


The following table describes the fields on the "Details" section of this dialog.


Details Section

Fields

Description

Logo

Select an appropriate image in the jpeg, jpg, gif or png format for the connector's logo that will be displayed on the login screen.

Auth URL

Enter the endpoint as provided by the third-party authentication server. For example, "https://accounts.google.com/o/oauth2/v2/auth" is for Google.

Client ID

Enter the registered client ID as provided by the third-party authentication server.  By default, the text is masked with asterisks, you can click  to view the entered text.

Client Secret

Enter the client secret as provided by the third-party authentication server.  By default, the text is masked with asterisks, you can click  to view the entered text.

Scope

Enter the scope if required by the third-party authentication server. If not required, leave empty.

Resource

Enter the resource value if required by the third-party authentication server. If not required, leave empty.

Access Token URL

Enter the endpoint as provided by the third-party authentication server for exchanging the authorisation code for an access token. For example, "https://www.googleapis.com/oauth2/v4/token" is provided by Google.

User Info URL

Enter the endpoint as provided by the third-party authentication server for returning the logged-in user information. For example, "https://www.googleapis.com/oauth2/v2/userinfo" is provided by Google. This is required by SigningHub for matching the returned email address in the database for the existence of the user.

Email [Attribute]

Enter the value as provided by the third-party authentication server for getting the value of Email Address from the User Info endpoint response. This field is mandatory for all third-party services and accepts only text (non-numeric) values. The value required in this field may vary for different third-party services. For example, "email" is requested by Google, and "mail" by "Azure Active Directory"

Name [Attribute]

Enter the value as provided by the third-party authentication server for getting the value of Name from the User Info endpoint response. . This field is optional for all third-party services. The value required in this field may vary for different third-party services. For example, "name" is requested by Google, and "displayName" by "Azure Active Directory".

Finish

Creates a new connector using the information entered on the dialog.