The OAuth2.0 connector allows you to easily connect SigningHub with any third-party authentication service that supports OAuth2.0 protocol like Google, LinkedIn, SalesForce, and Facebook. The "Auth URL" provided in the connector will be used for identifying the third-party service configured in the connector and then authenticating the end users a the time of both logging into SigningHub and performing signatures. 


Create an OAuth2.0 connector

  1. Click the "Configurations" option from the left menu.
  2. Choose the "Connectors" option. 
    The "Connectors" screen will appear.
  3. Click the add  icon from the grid header.



  4. A dialog window appears where you can add the connector details. The connector dialog is comprised of two screens i.e., Basic Information and Details. Select OAuth2.0" from the list of providers and specify the basic information. Click the "Next" button to provide the respective connector details as required by the third-party service; leave the rest empty. 
  5. Click the "Finish" button. A new connector will be created and displayed in the list. See the table below for description of the fields. The OAuth2.0 connector has been added and can be used in an authentication profile.


Basic Information Section

Fields

Description

Name

Specify a unique name for this connector, i.e. My Google. This connector will be used in the configuration of Authentication Profiles.  

Provider

Select the provider for this connector, i.e. "OAuth2.0". 

Purpose

This field will display the purpose of the selected provider above, i.e. the purpose of "OAuth2.0" is "Authentication".

Active

Select to make this connector active. Keep the check box empty to make the connector In-active. An inactive connector cannot be configured in the Authentication Profiles.

Next

Displays the "Details" section. 


The following table describes the fields on the "Details" section of this dialog.


Details Section

Fields

Description

Logo

Select an appropriate image in the jpeg, jpg, gif or png format for the connector's logo that will be displayed on the login screen.

Auth URL

Enter the endpoint as provided by the third-party authentication server. For example, "https://accounts.google.com/o/oauth2/v2/auth" is for Google.

Client ID

Enter the registered client ID as provided by the third-party authentication server.  By default, the text is masked with asterisks, you can click  to view the entered text.

Client Secret

Enter the client secret as provided by the third-party authentication server.  By default, the text is masked with asterisks, you can click  to view the entered text.

Scope

Enter the scope if required by the third-party authentication server. If not required, leave empty.

Resource

Enter the resource value if required by the third-party authentication server. If not required, leave empty.

Access Token URL

Enter the endpoint as provided by the third-party authentication server for exchanging the authorisation code for an access token. For example, "https://www.googleapis.com/oauth2/v4/token" is provided by Google.

User Info URL

Enter the endpoint as provided by the third-party authentication server for returning the logged-in user information. For example, "https://www.googleapis.com/oauth2/v2/userinfo" is provided by Google. This is required by SigningHub for matching the returned email address in the database for the existence of the user.

Email [Attribute]

Enter the value as provided by the third-party authentication server for getting the value of Email Address from the User Info endpoint response. This field is mandatory for all third-party services and accepts only text (non-numeric) values. The value required in this field may vary for different third-party services. For example, "email" is requested by Google, and "mail" by "Azure Active Directory"

Name [Attribute]

Enter the value as provided by the third-party authentication server for getting the value of Name from the User Info endpoint response. . This field is optional for all third-party services. The value required in this field may vary for different third-party services. For example, "name" is requested by Google, and "displayName" by "Azure Active Directory".

Finish

Creates a new connector using the information entered on the dialog.  


  1. For example if your SigningHub site is "https://web.signinghub.com" then the Callback URL for SigningHub will be "https://web.signinghub.com/OAuth2/CallBack".
  2. If you do not wish to implement Single Sign-On (SSO), and would like to authenticate the user every time, add "prompt=login" at the end of the Auth URL. For example, "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?prompt=login".




See Also