Workspace administrators can enable the use of OAuth 2.0 authentication for creating connections to third-party datastores that support OAuth 2.0 or greater authentication.
OAuth 2.0 is an industry-standard protocol for authorization between systems. In
, it is implemented as a security protocol for access to data sources and publishing destinations.
can enable users of the product to connect to specified third-party systems through an OAuth 2.0 client app
that you create in the system, using an OAuth 2.0 client
reference that is created in the
When enabled and configured, the
uses the OAuth 2.0 client to create a secure token
, which is used to authenticate to the third-party system.Internally, the
leverages the secure token service
to manage the creation and use of these secure tokens. For OAuth 2.0, this service uses a backing database for storing tokens.Requirements:
- OAuth 2.0 client app: In the target system, you must create an object called a client app, which provides an authentication interface into the system for external connections.
- You must create one client app for each external system to which you are enabling connectivity.
- OAuth 2.0 client: In the , you must create at least one configuration object for each client app that you have created.
- Enable the creation of OAuth 2.0 clients in the .
- Enable the secure token service, which is used to manage the secure tokens of the .
- Install and configure the database used by the secure token service. Installation should happen automatically as part of the normal install or upgrade process.
Details on these requirements are listed below.
Enable OAuth 2.0 client creation
The ability to create OAuth 2.0 clients in the
must be enabled. Please verify the following configuration.
Please locate the following setting and set it to
Save your changes.
Enable Secure Token Service
OAuth 2.0 requires the use of the secure token service for managing the authentication tokens. For more information, see Configure Secure Token Service.
Install Secure Token Database
The secure token service database is installed as part of normal database install or upgrade operations. For more information, see Install Databases.
Create OAuth 2.0 App
For each target system, you must create an OAuth 2.0 app in the system, which provides an external interface for
NOTE: The requirements for creating an OAuth 2.0 app depend on the system. Some example setups are available below. For more information, please see the documentation provided with your target system.
Create OAuth 2.0 Client
, you must create an OAuth 2.0 client that connects to the OAuth 2.0 app that you have created.
Authenticate OAuth 2.0 Connections
When you create a connection that uses OAuth 2.0, the specified connection must be authorized to be given access to the datastore. In the Create Connection window, click Authenticate.
NOTE: If you modify a connection or the tokens generated under the previous authorization have expired, you must re-authenticate the connection. Edit the connection and click Re-authenticate.