In the applications you develop with Kuika, you can use the Kuika Auth authentication method by default or you can customize authentication processes by selecting another Authentication Provider.

This training content consists of the following topics:

LDAP
OAuth 2.0
Generic Auth (REST)
MSAL

Authentication Provider Selection

1. Authentication & Authorization Tab

Log in to the Kuika platform.
Open the project you will work on from the Apps screen.

Click on the Configuration Manager module.

Go to the Authentication & Authorization tab.

2. Provider Selection

Click the drop-down menu opposite the Authentication Provider heading.
You can use Kuika Auth by default or you can add a new Authentication Provider by clicking ADD NEW.

3. Specify Provider Type

In the modal screen that opens, click on the drop-down menu opposite Type.
Select one of the following provider types:
- Generic Auth (REST)
- OAuth 2.0
- LDAP
- MSAL (Microsoft Authentication Library)

4. Filling in the Required Information

Fill in the information requested on the modal screen depending on the Authentication Provider you have selected.
The fields required for authentication vary depending on the type of provider you choose.

5. Add Provider

After completing the information, click the CREATE button to save your selection.

LDAP

LDAP (Lightweight Directory Access Protocol) provides secure access to your application by controlling the users defined in Active Directory Windows Server.

Add LDAP Provider

Open the App Settings configuration screen from the Configuration Manager module.
Go to the Authentication & Authorization tab.
Click the drop-down menu under the Authentication Provider heading.
Select ADD NEW.

In the Authentication Provider Setting modal screen, select LDAP.
Enter the required information:
- Name: Give the configuration a name.
- IP Address: Enter the IP address of the Active Directory Server.
- Username and Password: Enter a username and password with the Admin role.
Save by clicking the CREATE button.

After the LDAP integration is complete, the credentials of users logging in to your application are authenticated through the Active Directory Server.

oAuth 2.0

OAuth 2.0 (Open Authorization 2.0) allows users to securely access an application without sharing credentials.

Add OAuth 2.0 Provider

Open the Configuration Manager module.
Create a new configuration or select an existing configuration.
On the App Settings screen, go to the Authentication & Authorization tab.
Select ADD NEW from the drop-down menu under the Authentication Provider heading.

Select the OAuth 2.0 option.
Enter the required information:
- Name: Specify the name of the provider.
- Access Token URL: Enter the URL to receive the Access Token.
- Expiration in Minutes: Enter the validity period of the token in minutes (default: 30 minutes).
- Client ID and Client Secret: Enter the information provided by your OAuth 2.0 provider.
- Client Authentication: Select whether to be sent via Header or Body.
- Scope: Add access permissions if necessary.

Response Mapping: Define the following fields to map the JSON response in Kuika:

Thanks to the Refresh Token feature of OAuth 2.0, Kuika automatically refreshes the Access Token. You do not need to enter an additional Refresh Token URL for this operation.

Access Token
User Name
First Name
Last Name
Refresh Token

Create the provider by clicking the CREATE button.

Generic Auth (Rest)

Generic Auth (REST) is a REST API based authentication system.

Adding a Generic Auth (REST) Provider

Open the Configuration Manager module.
Create a new configuration or select an existing configuration.
Go to the Authentication & Authorization tab.
Click ADD NEW from the drop-down menu under the Authentication Provider heading.

Select the Generic Auth (REST) option.
Enter the required information:
- Name: Specify the name of the provider.
- REST API URL: Enter the URL to be used for token retrieval. You can access Swagger or Rest API documentation to learn more.
- Content Type: Select the data format (for example: application/json).
- Expiration in Minutes: Enter the validity period of the token in minutes (default: 30 minutes).
- Extra Parameters: Add parameters via Header, Query or Body.

Response Mapping: Define the following fields to map the JSON response:
- Access Token
- User Name
- First Name
- Last Name
- Refresh Token

Create the provider by clicking the CREATE button.

Microsoft Authentication Library (MSAL)

MSAL is used to configure Microsoft authentication processes.

Add MSAL Provider

Open the project you will work with from the Apps screen.
Click on the Configuration Manager module.
Create a new configuration or select an existing one.
Go to the Authentication & Authorization tab.
Click ADD NEW from the drop-down menu under the Authentication Provider heading.
Select the MSAL option.

Content added by Global Configuration in the Workspace is displayed as read-only or hidden (***) for unauthorized users.

Enter the required information:
- Name: Specify the name of the provider.
- Client ID: Enter the unique ID of the application you retrieved from the Azure portal.
- Client Secret: Enter the secret key used to authenticate the application.
- Authority: Specify the authentication URL (e.g. https://login.microsoftonline.com/{tenant}).
- Scopes: Enter the permissions requested to access (e.g. user.read).
- Keystore Base64 (Android Only): Enter the Base64 encoded keystore retrieved from the APK file.
- Cache Location: Select the location to store token and authentication information (for example, localStorage or sessionStorage).
- Keystore Hash (Android Only): Enter the SHA-1 or SHA-256 hash value.
Create the provider by clicking the CREATE button.