OAuth 2.0 defines an authorization framework for people, devices or apps to securely access protected resources through applications or APIs. Third-party applications can gain approval for limited access to an HTTP service, by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf. This enables a single, consistent and flexible identity and policy architecture for web applications, web services, devices and desktop clients to access APIs on behalf of the user. OAuth 2.0 has emerged as a key platform on which to build in support of new use cases, such as OpenID Connect.
But what does it mean for you and your organization?
In fact it’s pretty simple, now there is one more option to establish an integration between platforms on your side and Easygenerator courses. And, considering the popularity of oAuth 2.0, that chances that your platforms support it and can be easily integrated with Easygenerator courses are pretty high.
How to setup an integration?
Important: in order to setup an oAuth 2.0 integration between your platform and Easygenerator courses, the following data is required from your side:
- oAuth client_id.
- oAuth client_secret.
- API documentation:
- URL for authorization;
- URL for getToken;
- URL for get information about the current user (email and full name are required).
Also, the following callback URLs (redirect URLs) should be used:
- for staging: https://auth-staging.easygenerator.com/course/oauth/callback;
- for the production: https://auth.easygenerator.com/course/oauth/callback.
Note: oAuth 2.0 integration is available for Team and Enterprise clients.
Once the integration is set up
Once the integration is enabled for your accounts, you can use the following link to access your courses with SSO enabled:
Make sure to replace:
- <provider-name> with the one we provide you after the integration;
- <full-url-to-the-published-course> - the private link to a particular published course.
Using AZURE AD?
Those clients who have AZURE AD we use this URL: https://graph.microsoft.com/v1.0/me to get information about current user, but you need to set specific (API permissions) settings for it.
Here are the articles for getting acquainted with general information how AZURE AD works: