You are here: Reference > Data classes > Authentication Profile data instances > Authentication Profile data instances - Completing the OAuth 2.0 tab

Authentication Profile data instances
Completing the OAuth 2.0 tab
  1. About 
  2. New 
  3. Basic 
  4. NTLM 
  5. OAuth 1.0a 
  6. OAuth 2.0 
  7. History 

Complete the OAuth 2.0 tab to create an authentication profile with OAuth 2.0 authentication. Consult the API guide of the external application (OAuth 2.0 provider) that you want to connect to, to learn how to obtain the values that are required for the fields on this tab.

Basic information

Enter the basic details for the OAuth 2.0 authentication profile.

Field

Description
OAuth provider Select or create an OAuth 2.0 Provider data instance. The system automatically populates the Grant type field.
Grant type Select the grant type for the OAuth 2.0 provider.

Client information

Enter the credentials that you require to access OAuth 2.0-protected resources in the external application.

Field

Description
Identifier Required. Enter the client ID that is provided by the external application.
Secret Required. Enter the client secret that is provided by the external application.
Scope Enter the scope as specified in the API guide of the external application and as configured for this client.
Redirect URI endpoint

Enter a URI here and in your OAuth 2.0 provider to specify the target endpoint to redirect to upon authorization.

This field supports the Global Resource Settings syntax (=PageName.PropertyName). For more information, see Using the Global Resource Settings feature.
Enable SSO (Box.com Only) Optional: Select this option to enable single sign-on (SSO). Users who have already been authenticated against the same identity provider will not be asked to reauthenticate.
Single sign-on (SSO) identity provider (IdP) federation ID

This field is required if Enable SSO is selected. Specify the single sign-on identity provider federation ID used by the Box account. You can get this value from the entityID attribute of the EntityDescriptor element of the IdP metadata XML used to configure SSO to Box.

This field supports the Global Resource Settings syntax (=PageName.PropertyName). For more information, see Using the Global Resource Settings feature.
Use refresh token if available Optional: Select this option to use a refresh token if one is available and supported by the service provider. The refresh token is used to automatically refresh the authorization token when it expires.
Revoke access tokens Click to revoke all access tokens that are generated by the external application for this OAuth 2.0 client.

Additional endpoint parameters

Some OAuth 2.0 providers require additional custom parameters that you can use with the standard parameters when you invoke endpoint URLs. Add the custom parameters in this section.

Field

Description
Authorization code Provide any custom parameters as required for the authorization code endpoint.
Access token

Provide any custom parameters as required for the access token endpoint.
Revoke token Provide any custom parameters as required for the revoke token endpoint.

Open topic with navigation