Overview
This procedure will allow you to use a 3rd party OAuth Authorization Server to authenticate a user to access Zift PRM. You will need the Client ID and Client Secret from the OAuth administrator to complete this task.
This procedure is complex and to help you understand the impact of each choice, it is summarized in graphic form in the attached .PNG file.
Before You Begin
Log into PRM Admin with ssoTask Level 3 rights.
How to Configure the OAuth Authorization Server
- Navigate to .
- Click .
- Provide the necessary information on the Authorization Server definition form:
- Authorization Server Name: A unique user-friendly name for the specific Authorization Server.
- Client ID: A unique identifier provided by the Authorization Server.
- Client Secret: A text string provided by the Authorization Server.
- Authorize URL: The URL which a user will be sent to for login.
- Token Endpoint URL: The URL which provides the access token.
- Data Endpoint URL: The URL which provides scope data for a given access token.
- Scope: The scope (defined on the Authorization Server) that Zift PRM is permitted to access.
- Access token prefix: An identifying text string that will be placed before every token name.
- Server Unique Identifier: This is the name of the field, on the Authorization Server’s side that is used to uniquely identify the user.
- Relayware Unique Identifier: This is the PRM field, used to uniquely identify the user, matched against the Server Unique Identifier, selected from a drop-down list.
- Type of Site to use Authorization Server for:
- It determines which of the PRM sites (PRM internal sites, portal sites) the authorization server is permitted to authorize.
- Redirection URLs: The URL to which the user is directed after completing the login process.
- Set Status: This setting allows you to make any Authorization Server connection active or inactive. When set to inactive, a user will not be able to login through this Authentication Server.
Comments
0 comments
Please sign in to leave a comment.