How to set up authentication providers?
1. Google -
Create new project in Google Developer Console or configure existing project
- Go to - Google Developer Console
- Create/select your project
- Go to OAuth consent screen
- Select internal or external
- Set Application name
- Set Application logo
- Required scope fields in Scopes for Google APIs are email, profile
- Set Authorized domains redirect from
- Save
- Go to Credentials
- Click on + CREATE CREDENTIALS
- Select OAuth client ID
- Select Web application as Application type
- Use a name you can identify
- Set Authorized redirect URLs as https://{your-domain}/openidauth/openIdCredentials or https://{your-domain}/web/index.php/openidauth/openIdCredentials
- Click on create
- Copy Client ID and Client Secret to OrangeHRM
- Google Provider URL is - https://accounts.google.com
2. Microsoft -
- Refer to the guide provided by Microsoft.
3. Auth0 -
- Go to https://auth0.com/ and log in to your account, or click Sign up and create a new account.
- Go to the Applications tab and select Applications. Click Create New and choose Regular Web Application.
- Copy the domain (provider URL), Client ID and Client Secret to create a new OIDC provider. Add the homepage URL and allowed callback URLs in the Application URIs section. Save the settings.
- In Application Properties you can add a logo and keep the application type as “Regular Web Application”.
- In Application URIs add the redirect URL (https://{your-domain}/openidauth/openIdCredentials) under Allowed Callback URL
- You can keep the other settings as they are and save the changes.
To use Auth0 as an OIDC provider with username and password authentication, you need to add a user to the application. To add a new user go to the user tab under User Management. Click Create User and give the necessary information.
Google OIDC support is added to the Auth0 application by default. If you want to add more providers (such as Microsoft, Apple, Slack, etc.) go to the social tab in Authentication and click Create Connection. Then follow the steps relevant to the product.
** Follow the steps given for each product you want to integrate with Auth0.
4. Okta -
Go to - https://www.okta.com/ and create an account according to your requirements.
You can try a free trial here https://www.okta.com/free-trial/. Sign in to your account and go to the admin account. In the Applications tab select Application and go through the following steps to create a new application.
- Click Create App Integration
- In the prompt window select OIDC - OpenID Connect as the Sign-in method and Web Application as the Application Type.
- Then provide the Application Name, Company Logo, redirect URIs and save. You can set the access levels to allow everyone in the organization or for a selected group of people.
- After creating the application you can get a Client ID and Client Secret
- For your provider URL follow this pattern https://${yourOktaDomain}/oauth2/default
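Before saving a provider in OrangeHRM, you can check that the provider URL, the redirect URL and the provider's published metadata agree. The following is an added example, not OrangeHRM code: it derives the standard OpenID Connect discovery address from the provider URL and validates a metadata document against the values described above. The function names and the sample metadata (a made-up id.example.test provider) are assumptions of this example.

```python
import json
from urllib.parse import urlsplit

# Callback paths listed in this article for OrangeHRM.
REDIRECT_PATHS = ("/openidauth/openIdCredentials",
                  "/web/index.php/openidauth/openIdCredentials")
# email and profile come from the article; openid is required by OIDC itself.
REQUIRED_SCOPES = {"openid", "email", "profile"}
ENDPOINT_KEYS = ("authorization_endpoint", "token_endpoint", "jwks_uri")


def discovery_url(provider_url):
    """URL of the provider's metadata document (OpenID Connect Discovery)."""
    return provider_url.rstrip("/") + "/.well-known/openid-configuration"


def check_provider(provider_url, redirect_uri, metadata):
    """Return a list of problems; an empty list means the values agree."""
    problems = []
    if urlsplit(provider_url).scheme != "https":
        problems.append("provider URL is not https")
    # The issuer must equal the provider URL; ignoring trailing slashes
    # is a choice made in this example.
    if metadata.get("issuer", "").rstrip("/") != provider_url.rstrip("/"):
        problems.append("issuer does not match provider URL")
    for key in ENDPOINT_KEYS:
        if urlsplit(metadata.get(key, "")).scheme != "https":
            problems.append(key + " missing or not https")
    advertised = metadata.get("scopes_supported")  # optional in the spec
    if advertised is not None and REQUIRED_SCOPES - set(advertised):
        missing = sorted(REQUIRED_SCOPES - set(advertised))
        problems.append("scopes not advertised: " + ", ".join(missing))
    redirect = urlsplit(redirect_uri)
    if redirect.scheme != "https" or redirect.path not in REDIRECT_PATHS:
        problems.append("redirect URI is not an https OrangeHRM callback")
    return problems


# Constructed metadata for a made-up provider; not fetched from a real tenant.
SAMPLE_METADATA = json.loads("""{
  "issuer": "https://id.example.test/oauth2/default",
  "authorization_endpoint": "https://id.example.test/oauth2/default/v1/authorize",
  "token_endpoint": "https://id.example.test/oauth2/default/v1/token",
  "jwks_uri": "https://id.example.test/oauth2/default/v1/keys",
  "scopes_supported": ["openid", "email", "profile"]
}""")

if __name__ == "__main__":
    print(check_provider("https://id.example.test/oauth2/default",
                         "https://hr.example.test/openidauth/openIdCredentials",
                         SAMPLE_METADATA))
```

To check a real provider, download the document at discovery_url(provider_url) in a browser, load it with json.load and pass it as metadata.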