Configure OAuth 2.0 (Email Settings)
OAuth stands for Open Authorization. The 2.0 refers to the version.
OAuth 2.0 is an authorisation framework protocol that enables a user to grant a third-party web site or application access to that user’s protected resources and data - without necessarily revealing their identity or their credentials, and without directly authenticating that user.
By introducing this separation layer, the third-party client requests access on the user’s server to the user’s protected resources, and is granted their own individual distinctive and different set of credentials from anyone else who may have access - including the credential held by the user or resource owner.
This special different access is by way of a specific string known as an Access Token. This string specifies such things as the scope and length of the access.
The Configure OAuth 2.0 Authenticator editor is used for specifying the OAuth information for modules that require connection through protocols that support OAuth connections, and requires specific information pertinent to this particular authorisation to be entered, so that the appropriate access tokens can be granted and received..
Once set at Global level, these OAuth 2.0 settings will apply across the entire configuration.
OAuth 2.0 settings can also be individually set for particular Transports. Please refer to Transports for more information.
For information particular to tokens, please refer to OAuth 2.0 Tokens.
Fields
Field Name | Description |
|---|---|
Grant type | Select the grant type for access from those available in the drop-down list. |
Auth endpoint | The Auth (authorise) Endpoint is the address of the site/organisation used to interact with the resource owner to authenticate the request and gain consent for the permissions required to access the protected resource. Enter the address, or select an address from the drop-down list. |
Token endpoint | The Token Endpoint is the address of the site/organisation to use in order to get the Access/Refresh Token pair once consent has been given. Enter your own value, or select an address from the drop-down list. |
Redirect URL http://localhost: | The number of the assigned port. The field is pre-populated with a default value. |
Scope | Limit the Scope of the access. Enter your own value (such as “PHOTO_ONLINE_ACCESS” or “READ ONLY”), or select from the drop-down list. |
Client Id | The Client ID value as supplied for authentication purposes. This may appear as just some random collection of characters. |
Client secret | The Client Secret, supplied for authentication purposes. This may appear as just some long random collection of characters. |
Token | The Access Token identifier value is automatically populated here. |
Token expiration | The Access Token expiry date and time is automatically populated here. |
Refresh token | The Refresh Token identifier ID value is automatically populated here. |
Buttons
Field Name | Description |
|---|---|
Save | Click to Save any changes you have made. All changes will be lost if you do not click the Save button. |
Cancel | Click to Cancel any changes you have made. |
Forced Refresh | Send a Refresh Token request to the Auth Endpoint server to immediately request a new Access/Refresh Token pair - regardless of the expiry of the existing Access Token. |
Refresh Token | Send a Refresh Token request to the Auth Endpoint server. The Access Token must be expired. |