This part of the guide covers implementing OAuth2 authentication in X3. The examples here correspond to the client created in the Creating an OAuth2 Client section.
- Creating an OAuth2 Service
- Linking Your Users to an OAuth2 Service
- Logging In with OAuth2
- Next Steps
Creating an OAuth2 Service
- Go to Administration > Administration > Settings > Authentication > OAuth2 Servers.
- Click New OAuth2 service.
- Enter the the following values:
- Display name:
Sign in via Google(This value will be displayed on the X3 login screen as a button.)
- URL for authorization:
- URL to get access token:
- OAuth2 client ID and OAuth2 client secret: the values correspond to the the client ID and the client secret obtained at the end of the Creating a Client ID section.
- Scope for Oauth2 requests:
- Batch Authentication: check this box
- URL for requesting user data:
- User field in user name answer:
- Click Save.
Linking Your Users to an OAuth2 Service
You can now follow these steps to enable OAuth2 authentication for a user:
- In X3, go to Administration > Administration > Users > Users.
- Select OAuth2 as the Authentication method.
- In the OAuth2 instance field, select the google service.
- Set Email to the user’s Google email address.
- Click Save.
Repeat these steps for any users executing web services.
Logging In with OAuth2
OAuth2 is not just for web services; it can provide another way for users to sign in.
- Click the Sign in via Google button on the login screen.
- Once redirected to the Google site, authenticate using your Google account, if not already done.
- When prompted to, allow X3 to access your Google profile when logging in for the first time.
You can also add a direct link (e.g.,
https://mycompany.sagex3.com/auth/oauth2/Google/loginStart) to your bookmarks and use it to log in.
Note: You will be authenticated until you log out of your Google account, or until you clear your browser’s cookies. As a result, X3 may not ask you to authenticate each time.