This requires Admin privileges to setup.
The OAuth configuration is a simple setup that will allow your users to use an OAuth profiler to authenticate with dashboards starting with v10.3a. From iDashboards Admin select System then Authentication. The screen should look like the following:
There are several fields that need to be populated and they will be unique to the provider:
Identity Providers Name: A text field and show the text at the end of "Login with ______".
Authorization Endpoint: Endpoint on the authorization server where the resource owner logs in, and grants authorization to the client application
Token Endpoint: HTTP endpoint that micropub clients can use to obtain an access token given an authorization code.
UserInfo Endpoint: Uses the access token rather than the ID token to look up the user info.
UserInfo Mapping Claims: information that is requested from the authorization account to be returned to dashboards. Sub is required, email would be another common request. For additional information on claims, you can see the following documentation OpenID Claims 5.1.
Microsoft | ||
Authorization Endpoint | https://accounts.google.com/o/oauth2/v2/auth | https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize |
Token Endpoint | https://www.googleapis.com/oauth2/v4/token | https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token |
UserInfo Endpoint | https://www.googleapis.com/oauth2/v3/userinfo | |
sub, email |
You will need to obtain the Client ID and Client Secret directly from the authorization source.
To configure Google as your authorizer you will need to use the Google Developers Console. Select Credentials and you can choose to use an existing OAuth 2.0 Client IDs or at the top of the page create a new Client ID by clicking Create Credentials. You will need to select the OAuth Client ID and will be prompted for the application type. iDashboards is a Web Application. In the next selection group, you will be asked for a Name you can use iDashboards or whatever you want to name the connection. Skip over Authorized JavaScript Origins and go to Authorized Redirect URIs, you will need to put the domain name of your iDashboards site and Data Hub. You should be able to use the Redirect URL from the OAuth2 Configuration section in iDashboards.
Example:
https://MYiDashboardsSite.com:8443/idashboards/auth/callback
https://MYiDashboardsSite.com:8443/idbdata/auth/callback
If you do not have a fully qualified domain name you will need to perform this next setup using localhost until you have your domain. Once you have populated the callback URL you are able to press Create. The next screen is where you will be able to get the Client ID and Client Secret.
Last you will need to click Enable.
For More Information: iDashboards Admin Manual 13.3.3 OpenID Connect Identity Provider
If the above is unable to resolve the issue, then please contact iDashboards Support for further assistance.
Comments
0 comments
Please sign in to leave a comment.