Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DEV and version r0821

D toc

Excerpt

Workspace administrators can enable the use of OAuth 2.0 authentication for creating connections to third-party datastores that support OAuth 2.0 or greater authentication.

OAuth 2.0 is an industry-standard protocol for authorization between systems. In

D s product
rtrue
, it is implemented as a security protocol for access to data sources and publishing destinations. 
D s item
itemadminstrators
 can enable users of the product to connect to specified third-party systems through an OAuth 2.0 client app that you create in the system, using an OAuth 2.0 client reference that is created in the 
D s webapp
.

When enabled and configured, the 

D s webapp
 uses the OAuth 2.0 client to create a secure token, which is used to authenticate to the third-party system.Internally, the
D s platform
leverages the secure token service to manage the creation and use of these secure tokens. For OAuth 2.0, this service uses a backing database for storing tokens.Requirements:

  • OAuth 2.0 client app: In the target system, you must create an object called a client app, which provides an authentication interface into the system for external connections.
    • You must create one client app for each external system to which you are enabling connectivity.
  • OAuth 2.0 client: In the 
    D s webapp
    , you must create at least one configuration object for each client app that you have created.

  • Enable the creation of OAuth 2.0 clients in the
    D s webapp
    .
  • Enable the secure token service, which is used to manage the secure tokens of the
    D s webapp
    .
  • Install and configure the database used by the secure token service. Installation should happen automatically as part of the normal install or upgrade process.

Details on these requirements are listed below.

Enable

Enable OAuth 2.0 client creation

The ability to create OAuth 2.0 clients in the

D s webapp
must be enabled. Please verify the following configuration.

Steps:

  1. D s config
  2. Please locate the following setting and set it to true:

    Code Block
    "feature.adminConsole.oauth2ClientsManagement.enabled": true,
  3. Save your changes.

Enable Secure Token Service

OAuth 2.0 requires the use of the secure token service for managing the authentication tokens. For more information, see Configure Secure Token Service.

Install Secure Token Database

The secure token service database is installed as part of normal database install or upgrade operations. For more information, see Install Databases.

Create OAuth 2.0 App

For each target system, you must create an OAuth 2.0 app in the system, which provides an external interface for 

D s product
.

Info

NOTE: The requirements for creating an OAuth 2.0 app depend on the system. Some example setups are available below. For more information, please see the documentation provided with your target system.

D children
alltrue

Create OAuth 2.0 Client

Through the 

D s webapp
, you must create an OAuth 2.0 client that connects to the OAuth 2.0 app that you have created. 

Authenticate OAuth 2.0 Connections

When you create a connection that uses OAuth 2.0, the specified connection must be authorized to be given access to the datastore. In the Create Connection window, click Authenticate.

Info

NOTE: If you modify a connection or the tokens generated under the previous authorization have expired, you must re-authenticate the connection. Edit the connection and click Re-authenticate.