OAuth 2.0 Overview
OAuth 2.0 defines an authorization framework for people, devices or apps to securely access protected resources through applications or APIs. Third-party applications can gain approval for limited access to an HTTP service, by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf. This enables a single, consistent, and flexible identity and policy architecture for web applications, web services, devices, and desktop clients to access APIs on behalf of the user. OAuth 2.0 has emerged as a key platform on which to build in support of new use cases, such as OpenID Connect.
What does it mean for you and your organization?
In fact, it’s pretty simple, now there is one more option to establish an integration between platforms on your side and Easygenerator. And, considering the popularity of oAuth 2.0, that chances that your platforms support it and can be easily integrated with Easygenerator courses are pretty high.
How to set up an integration?
NOTE: oAuth 2.0 integration is available for Team and Enterprise plans only.
Important: to set up an oAuth 2.0 integration between your platform and Easygenerator, the following data is required from your side:
1. oAuth client_id.
2. oAuth client_secret.
3. API documentation:
· URL for authorization;
· URL for getToken;
· URL for getting information about the current user (email and full name are required).
Also, the following callback URLs (redirect URLs) should be used:
· Staging: https://auth-staging.easygenerator.com/api/auth/oauth/<provider-name>?clientId=editor&callbackUrl=https://staging.easygenerator.com
· Production: https://auth.easygenerator.com/api/auth/oauth/<provider-name>?clientId=editor&callbackUrl=https://live.easygenerator.com
Make sure to replace:
<provider-name> with the one we provide you after the integration.
Please fill in this default form and contact [email protected] if you want to set up oAuth 2.0 integration between your platform and the Easygenerator Authoring tool.
Using AZURE AD?
For those clients who have AZURE AD, we use this URL: https://graph.microsoft.com/v1.0/me to get information about the current user, but you need to set specific (API permissions) settings for it.
Here are the articles for getting acquainted with general information on how AZURE AD works: