This page details how to enable logins using OAuth.
There are two places that this needs to be enabled. Either in System for both Busby Admin / Config Editor (which share a config), or in each Selector service to allow each Selector to have a different provider.
A third party authenticator is also required to validate the responses and provide the user information to the authentication service.
¶ Selector
Selector has the same configutation as Busby Admin/Config Editor under each service it has an additional check box to allow usage of the system config or to have its own config.
¶ Busby Admin / Config Editor
To allow Okta OAuth logins for Config Editor and Busby Admin the configuration is under System -> System
Check the Enabled checkbox and fill in the relevant details.
- Third Party Authenticator Service: Provide the service that will validate the user.
- Login Text: The text displayed on the login button in the user interface.
- Automatic Login Seconds: If you want the login page to automatically begin a login attempt after this amount of time.
-1= disabled. - Issuer - The name provided by Okta as the Issuer. This is usually your Okta domain. This is used for auto discovery.
- Client ID - The Client ID for the Okta App.
- Client Secret - The Client Secret for the Okta App.
- Scopes - The requsted scopes for the OAuth request.
openidandoffline_accessare required for Okta. If theokta.users.read.selfgrant is not allowed in the Busby User Interface application above then this will also needemail,groupsandprofilescopes along with ticking the use User Profile option in the Authenticator below.