In the applications you develop with Kuika, you can use the default Kuika Auth authentication method or customize the authentication process by selecting another Authentication Provider.
Authentication Provider Selection
Authentication & Authorization Tab
After logging into the Kuika platform, open the project you will work on from the “Apps” screen.
Then click on the “Configuration Manager” module.
Go to the Authentication & Authorization tab.
Click the drop-down menu opposite the Authentication Provider title.
Provider Selection
You can choose Kuika Auth by default from the drop-down menu or you can add a new Authentication Provider by clicking ADD NEW.
Specify Provider Type
In the modal screen that opens, click on the drop-down menu opposite Type.
Select one of the following provider types from the drop-down menu:some text
Generic Auth (REST)
OAuth 2.0
LDAP
MSAL (Microsoft Authentication Library)
Filling in the Required Information
Fill in the information requested on the modal screen depending on the Authentication Provider you have selected.
The fields required for authentication may vary depending on the provider type you choose.
Add Provider
After completing the information, click the CREATE button to save your selection.
LDAP
In the mobile and web applications you develop with Kuika, you can use the LDAP (Lightweight Directory Access Protocol) option to perform user authentication. LDAP provides secure login to your application by controlling the users defined in your Active Directory Windows Server.
Add LDAP as Authentication Provider
Go to the App Settings Screen
Open the App Settings configuration screen in the Configuration Manager module.
Switch to the Authentication & Authorization tab.
Add New Authentication Provider
Click the drop-down menu opposite the Authentication Provider.
Select ADD NEW in the drop-down menu.
Set LDAP Provider
In the Authentication Provider Setting modal screen that opens, select LDAP as the authentication provider type.
Enter LDAP Information
Name: Give the configuration a name.
IP Address: Enter the IP address of the Active Directory Server.
Username and Password: Enter a username and password with the admin role in Active Directory.
Saving
After filling in all the information, click the CREATE button.
Thanks to LDAP integration, the credentials of users who want to log in to your application are verified through Active Directory Server.
You can create a secure authentication mechanism by centralizing Active Directory user management.
The Username and Password you enter will be used to connect to the LDAP server and execute the user authentication process.
After completing these steps, your application will be successfully integrated into the LDAP authentication system.
oAuth 2.0
OAuth 2.0 (Open Authorization 2.0) is an authorization protocol that allows users to securely grant access to an application or service without sharing credentials. A common authentication method for web-based and mobile applications, OAuth 2.0 allows your application to manage users' access to specific resources.
OAuth 2.0 Components
Resource Owner:
The user who grants access. For example, allowing a user to link their Facebook account to an application.
Client:
The application to which the resource owner wants to grant access.
Authorization Server:
The server that authenticates the resource owner and grants access. It also creates an Access Token.
Resource Server:
A server that hosts resources to which access is granted.
OAuth 2.0 Usage
You can add an OAuth 2.0 authentication provider in the applications you develop with Kuika by following the steps below.
Adding OAuth 2.0 Authentication Provider
Open Configuration Manager Module:
Click on the Configuration Manager module in the Header area.
Name Configuration Manager to create a new configuration.
Switch to App Settings Area:
On the App Settings screen, go to the Authentication & Authorization tab.
Select ADD NEW from the drop-down menu opposite Authentication Provider.
Select OAuth 2.0:
On the modal screen that opens, select OAuth 2.0 from the drop-down menu opposite Type.
Making OAuth 2.0 Settings
Enter General Information:
Name: Specify the name of the provider.
Access Token URL: Enter the URL that will be used to receive the Access Token.
Expiration in Minutes: Enter the validity period of the Access Token in minutes (Kuika defaults to 30 minutes if not entered).
Enter Client Information:
Client ID and Client Secret: Enter this information provided by your OAuth 2.0 provider.
Client Authentication: Select whether this information will be sent via Header or Body. Choose according to the provider requirements.
Define Scope and Response Information:
Scope: If required, add Scope information representing your application's access permissions.
Response Mapping: Specify the following fields to map the JSON response returned from OAuth 2.0 in Kuika:
Access Token
User Name
First Name
Last Name
Refresh Token
Thanks to the Refresh Token feature of OAuth 2.0, Kuika automatically refreshes the Access Token. You do not need to enter an additional Refresh Token URL for this process.
Create the Authentication Provider:
After completing the necessary information, click the CREATE button.
Generic Auth (Rest)
Generic Auth (REST) is a REST API based authentication system used to manage authentication of users in applications. This structure allows an application to receive an Access Token via a specific REST API and perform the authentication process.
You can easily add a Generic Auth (REST) authentication provider in the applications you develop with Kuika with the following steps.
Adding Generic Auth (REST) Provider
Open Configuration Manager:
Click the Configuration Manager view mode in the top menu.
Name Configuration Manager to create a new configuration.
Switch to Authentication & Authorization:
On the App Settings screen, navigate to the Authentication & Authorization tab.
Select ADD NEW from the drop-down menu under the Authentication Provider heading.
Select Generic Auth (REST):
In the modal screen that opens, select Generic Auth (REST) from the Type field.
Fill in the Name field to give the provider a name.
Making Token Settings
Add REST API URL:
REST API URL: Specify the URL to be used for token retrieval. You can access it from Swagger or Rest API documentation to learn more.
Content Type Selection:
Content Type: Select the data format of the API returning the token. (For example: application/json or application/x-www-form-urlencoded)
Set Expiration Time:
Expiration in Minutes: Enter the validity period of the token in minutes (e.g. 30 minutes). Kuika defaults to 30 minutes where not specified.
Adding Parameters:
Extra Parameters:
Header: For example, authentication information can be sent using the Authorization header.
Query: You can carry authentication information on the URL.
Body: Data transmission can be done with POST or PUT requests. For example, you can send data in application/json format.
User Parameters:
Username and Password:
Kuika can automatically add username and password parameters.
Specify the parameter type (Header, Query, Body) and key information.
Refresh Token Settings
Enter Refresh Token URL:
Token URL: Specify the URL to be used for the Refresh Token operation.
Content Type Selection:
Content Type: Select the URL content type (e.g. application/json).
Adding Parameters:
Extra Parameters:
Refresh Token You can add Header, Query or Body parameters on the URL.
Kuika automatically adds Token and Refresh Token parameters. Specify the appropriate parameters with the ADD PARAMETERS option.
Making Response Settings
Access Token and Other Information:
Response Mapping: Define the following fields to map the incoming response:
Access Token
User Name
First Name
Last Name
Refresh Token
Refresh Token:
Add the Refresh Token information to the field specified under Response.
Create the Provider
After filling in the required information, you can create your Generic Auth (REST) authentication provider by clicking the CREATE button.
Microsoft Authentication Library (MSAL)
This guide explains in detail the steps to add an Authentication Provider using MSAL on the Kuika Low-Code platform. MSAL is a powerful tool used to configure Microsoft authentication processes and provide secure access to your applications.
How to Add an Authentication Provider?
After logging into the Kuika platform, open the project you will work with from the “Apps” screen.
Then click on the “Configuration Manager” module.
Create a new configuration or select an existing one.
In the Authentication & Authorization section, select one of the MSAL provider options.
Alternatively, create a new configuration by clicking ADD NEW.
Content added by Global Config in the Workspace is displayed as read-only or hidden (***) for unauthorized users.
Fill in the MSAL Setting Modal:
Name: Give the Authentication Provider a meaningful name.
Client ID: Enter the unique ID of the application you retrieved from the Azure portal.
Client Secret: Enter the secret key used to authenticate the application.
Authority: Specify the user authentication URL (e.g. https://login.microsoftonline.com/{tenant} or https://login.microsoftonline.com/common).
Scopes: Enter the permissions that the app requests access to (e.g. user.read).
Keystore Base64: (for Android) Base64 encoded keystore retrieved from the APK file.
Cache Location: Select a location to store token and authentication information (for example, localStorage or sessionStorage).
Keystore Hash (Android Only): (Android Only) SHA-1 or SHA-256 hash value retrieved from the APK file.
Saving:
Check that the information you entered is correct.
Add the MSAL Authentication Provider by clicking theSave button.
You can now use MSAL in your application to perform secure authentication and access authorized resources.
Field Definitions
Name: A meaningful name to identify the Authentication Provider. It allows users to easily recognize the providers they add.
Client ID: The unique ID of the application created in the Azure Portal. Allows the application to be recognized by Azure Active Directory.
Client Secret: Secret key used to verify that the application is an authorized application. It should be kept secret for security purposes.
Authority: The URL used for authentication (e.g. https://login.microsoftonline.com/{tenant}).
Scopes: Permissions that specify which resources the app requests access to (e.g. user.read).
Keystore Base64: Base64 encoded version of the keystore from the (Android) APK file.
Cache Location: A place to store authentication credentials and tokens (e.g. localStorage in the browser).
Keystore Hash (Android Only): (Android Only) The hash information (SHA-1 or SHA-256) from the APK file.
