To connect any OAuth2-compatible login provider, the ‘Generic OAuth2 login provider’ offers corresponding configurations.
Connect OAuth2 login provider in Bare.ID
All fields and options that can be filled or set for the connection as an external login provider are displayed on the ‘Connect OAuth2’ page.
Name: Specify a unique and descriptive name for the login provider. This will also be displayed on the button on the login page for users.
Description: Optionally add a description of the login provider that uniquely identifies it during administration.
Login provider ID: Specify a unique ID for the login provider. This can no longer be changed after saving.
Redirect URL: This URL must be stored in the OAuth2 login provider and cannot be edited.
Display position: If several login providers are connected, define the position that the login provider button should occupy on the login page here.
Client ID: Client ID from the OAuth2 provider
Client Secret: Client Secret from the OAuth2 provider
Authorization URL: URL for the authorization. This URL is used to direct the user to the login
Token URL: URL for the token exchange. This URL is used to exchange the authorization code for a token.
User Info URL: URL for user information. This URL is used to retrieve information about the authenticated user.
User ID Attribute: JSON path to the user ID in the response JSON of the user info endpoint.
Username attribute: JSON path to the user name in the response JSON of the user info endpoint.
An example of the use of the user info endpoint
Configuration
User Info URL:
https://api.example.com/v1/user/info
User ID attributes:
user.refId
Username attribute:
user.mail
Request for user data:
Authorization: Bearer <ACCESS-TOKEN>
GET https://api.example.com/v1/user/info
Response from the server
Content-type: application/json
Body:
{
"user": {
"mail": "user@example.com",
"firstname": "Jane",
"lastname": "Doe",
"refId": "0a86dc40-7fea-4934-8414-b4d40318aa91"
}
}
The required attributes are then resolved as follows:
User ID attribute:
0a86dc40-7fea-4934-8414-b4d40318aa91
Username attribute:
user@example.com