
Authentication Profile data instances – Completing the OAuth 2.0 tab


Complete the OAuth 2.0 tab to create an authentication profile with OAuth 2.0 authentication. Consult the API guide of the external application (OAuth 2.0 provider) that you want to connect to, to learn how to obtain the values that are required for the fields on this tab.

Basic information

Enter the basic details for the OAuth 2.0 authentication profile.

Field: Description

OAuth provider: Select or create an OAuth 2.0 Provider data instance. The system automatically populates the Grant type field.

Grant type: Select the grant type for the OAuth 2.0 provider.

Password credentials

Enter the credentials that you require to authorize the OAuth 2.0 client in the external application.

Field: Description

Username: Enter a page name that references the value for the Username property.

Password: Enter a page name that references the value for the Password property. Make sure to encrypt the password.

Client information

Enter the credentials that you require to access OAuth 2.0-protected resources in the external application.

Field: Description

Identifier: Required. Enter the client ID that is provided by the external application.

Secret: Required. Enter the client secret that is provided by the external application.

Scope: Enter the scope as specified in the API guide of the external application and as configured for this client.

Redirect URI endpoint: Enter a URI here and in your OAuth 2.0 provider to specify the target endpoint to redirect to on authorization. This field supports the Global Resource Settings syntax (=PageName.PropertyName). For more information, see Using the Global Resource Settings feature.

Enable SSO (Box.com Only): Optional. Select this option to enable single sign-on (SSO). Users who have already been authenticated against the same identity provider will not be asked to reauthenticate.

Single sign-on (SSO) identity provider (IdP) federation ID: This field is required if Enable SSO is selected. Specify the single sign-on identity provider federation ID used by the Box account. You can get this value from the entityID attribute of the EntityDescriptor element of the IdP metadata XML used to configure SSO to Box. This field supports the Global Resource Settings syntax (=PageName.PropertyName). For more information, see Using the Global Resource Settings feature.

Use refresh token if available: Optional. Select this option to use a refresh token if one is available and supported by the service provider. The refresh token is used to automatically refresh the authorization token when it expires.

Revoke access tokens: Click to revoke all access tokens that are generated by the external application for this OAuth 2.0 client.
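
One way to read the federation ID out of the IdP metadata XML described above, as an added example that is not part of the original documentation. The sample metadata and its URLs are constructed and the function names are hypothetical; the example goes slightly beyond the text by also accepting an EntitiesDescriptor aggregate, skipping entries that have no IDPSSODescriptor, and rejecting DTDs before parsing.

```python
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"

# Constructed sample metadata; the entityID and URLs are placeholders.
SAMPLE_METADATA = """<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
                     entityID="https://idp.example.com/saml/metadata">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService Location="https://idp.example.com/sso"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>
"""


def idp_entity_ids(metadata_xml: str) -> list:
    """Return the entityID of every EntityDescriptor that describes an IdP."""
    # Metadata needs no DTD; refuse one so entity-expansion payloads in a
    # tampered file never reach the parser.
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("DTD declarations are not allowed in IdP metadata")
    root = ET.fromstring(metadata_xml)
    ids = []
    # iter() also yields the root, so a lone EntityDescriptor and an
    # EntitiesDescriptor aggregate are handled the same way.
    for entity in root.iter(f"{{{MD_NS}}}EntityDescriptor"):
        if entity.find(f"{{{MD_NS}}}IDPSSODescriptor") is None:
            continue  # SP-only entry, not an identity provider
        entity_id = (entity.get("entityID") or "").strip()
        if not entity_id:
            raise ValueError("EntityDescriptor has no entityID attribute")
        ids.append(entity_id)
    return ids


def federation_id(metadata_xml: str) -> str:
    """Return the one IdP entityID to enter as the federation ID."""
    ids = idp_entity_ids(metadata_xml)
    if len(ids) != 1:
        raise ValueError(f"expected exactly one IdP entity, found {len(ids)}")
    return ids[0]


if __name__ == "__main__":
    print(federation_id(SAMPLE_METADATA))
```

Failing when the file contains zero or several IdP entries avoids silently entering the wrong federation ID.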

Additional endpoint parameters

Some OAuth 2.0 providers require additional custom parameters that you can use with the standard parameters when you invoke endpoint URLs. Add the custom parameters in this section.

Field: Description

Authorization code: Provide any custom parameters as required for the authorization code endpoint.

Access token: Provide any custom parameters as required for the access token endpoint.

Revoke token: Provide any custom parameters as required for the revoke token endpoint.