Scribd
Upload
124 views

How To Setup Oauth2 Authentication With Google: Global Support

This document provides steps to set up OAuth2 authentication with Google accounts in Sage X3. It involves creating a client ID and secret in the Google Developer Console, configuring an OAuth2 service in Sage X3 with the client information from Google, and linking Sage X3 users to their Google accounts for authentication. The user is then redirected to Google to log in with their account before being allowed access to Sage X3.

Uploaded by

Nacer IDJEDARENE
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
124 views

How To Setup Oauth2 Authentication With Google: Global Support

This document provides steps to set up OAuth2 authentication with Google accounts in Sage X3. It involves creating a client ID and secret in the Google Developer Console, configuring an OAuth2 service in Sage X3 with the client information from Google, and linking Sage X3 users to their Google accounts for authentication. The user is then redirected to Google to log in with their account before being allowed access to Sage X3.

Uploaded by

Nacer IDJEDARENE
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

How to setup OAuth2

Authentication with Google


Global Support
08 2016
Prerequisites
You will require the following items to set up OAuth2 with a Google account:
 Your server URL – public or private – is required. Examples https://www.my_server.com or
https://MyServerName.
A Google account that will be used to administer the service. This can be done through following link:
https://accounts.google.com/SignUp?continue=https%3A%2F%2Faccounts.google.com%2FManageAccount

We will use the mock account my_admin_account@gmail.com in the following example.


 Select a name for your OAuth2 service. It must start with a letter (A-Z or a-z) followed by any
combination of letters (A-Z or a-z), digits or underscores. In the following example, the name MyAuth2 is
used.
 Oauth2 must be configured as a valid authentication method in your Sage X3 nodelocal.js file such as
below:
session: {
timeout: 30, // minutes
checkInterval: 60, // seconds
auth: ["basic", "oauth2"]
}

Step 1: Create a client ID


 Create a project through https://console.developers.google.com

Sage X3 How to setup OAuth2 Authentication with Google 2/7


 Go to Credentials and create new Credentials:

 The Product Name needs to be supplied the first time you create credentials (and only that time):

Sage X3 How to setup OAuth2 Authentication with Google 3/7


 When you save, you will be redirected to the following screen:

 Select Web Application and populate the Name, Authorized JavaScript origins and Authorized
redirect URLs:

 Click Create and you will be given a ClientID and Secret, which you should store in a safe place (e.g.
KeePass password manager), for reference later:

Sage X3 How to setup OAuth2 Authentication with Google 4/7


Step 2: Create an Oauth2 service in the
Sage X3 Web Server (Product Update 9)
 Go to Administration > Settings > Authentication > OAuth2 – Create a new OAuth2 service:

 The name of the service must match the service name chosen earlier (Prerequisites) exactly. The
display name can be chosen freely.
 The frames highlighted in red above hold constant values for Oauth2 Google authentication. They must
be populated exactly as shown in the picture above for any Google service:
– Oauth2 server URL without path: https://accounts.google.com
– Path for authorization: /o/oauth2/auth
– Path to get access token: /o/oauth2/token
– Scope for Oauth2 requests: https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile
– URL for requesting user data: https://www.googleapis.com/oauth2/v1/userinfo
– Redirect path for Oauth2 server: /auth/oauth2/MyOauth2/loginCallback
 The information in blue (Oauth2 client ID and Oauth2 client secret) corresponds to the client ID
shown and to the password defined in the Client ID for web application section on the Google service
site, on the page that shows the client ID.

Sage X3 How to setup OAuth2 Authentication with Google 5/7


Step 3: Link your users to their Google account
At this stage you are ready to enable oAuth2 authentication for all users. Follow the steps below to link
users to their Google accounts:
 Ensure that both oauth2 and basic are enabled in your nodelocal.js file.
 Edit the Global settings. Change the default authentication method to oauth2.
 Edit the admin user. Set his/her authentication method to DB (This is a safety net in case your auth2
configuration does not work - you will change it later).
 Edit a test user (other than admin). Set their email to a Google account for which you have valid
credentials, your personal account for example.
 Log in with the test user. If you get an error, log in again as admin to fix the oauth2 configuration and try
again.
 When the test is successful, log in again as admin, assign a Google account email to the admin user
and change the admin user to use the default authentication method (oauth2). 
 Check all user emails and edit them if necessary to match the user's Google account.
 Edit your nodelocal.js and only enable oauth2. Restart the Web server. Your server is now safely
configured to authenticate all users, including Admin, with their Google accounts.

Note
We recommend you use an external identity service such as LDAP or oAuth2 for all users, including
special users that support web service calls. Nevertheless, you will need to adapt your web service
clients to authenticate with oAuth2
If you are using web services published by Sage X3, you can temporarily activate both basic and oauth2
in your nodelocal.js file and configure the special web service users to use basic authentication. This will
allow you to keep your web services in operation while you adapt them for oauth2. Once you have
upgraded your web service clients you should edit nodelocal.js again and only enable oauth2 to tighten
security.

Sage X3 How to setup OAuth2 Authentication with Google 6/7


User connection
The login screen contains buttons for different authentication methods. The user must click on the button
that shows the name of the service (as defined in the prerequisites above) in capital letters. There may be
several buttons below the External Accounts headline, similar to the example below:

A direct link can also be typed and/or set in your browser favorites to access Google authentication directly:
http://www.my_server.com/auth/oauth2/MyOauth2/loginStart
When this is done, you are redirected to the Google site to authenticate using your Google account if this
has not already been done. The page appears as follows:

You will be prompted by Google to allow Sage X3 to access the email address for that profile when logging
in for the first time:

Note: Your authentication will be valid until you log out of your Google account or clear your browser’s
cookies As a result Sage X3 may not need to prompt you to authenticate if your Google login is still valid.

Sage X3 How to setup OAuth2 Authentication with Google 7/7

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy