LDAP (Lightweight Directory Access Protocol) provides secure access to your application by controlling the users defined in Active Directory Windows Server.

Add LDAP Provider

• Open the App Settings configuration screen from the Configuration Manager module.
• Go to the Authentication & Authorization tab.
• Click the drop-down menu under the Authentication Provider heading.
• Select ADD NEW.

• In the Authentication Provider Setting modal screen, select LDAP.
• Enter the required information:
  
  • IP Address: Enter the IP address of the Active Directory Server.
  • Username and Password: Enter a username and password with the Admin role.
  • Port: Specify the port number to be used for the LDAP connection. (Default: 389 or 636 for LDAPS)
  • Distinguished Name: Specify the base directory path to connect to. Example: DC=example,DC=com
  • Search Distinguished Name: Specify the directory root to search for users.
  • Search Template: Define the user search template. Example: (sAMAccountName={0})
  • Bind Type: Select the user authentication type: Simple, Anonymous, or Regular.
  • Protocol: Select the binding protocol: LDAP or LDAPS.
  • User Name Attribute Name: The LDAP attribute to use for user name information. Example: sAMAccountName.
  • First Name Attribute Name: Attribute to use for the user's name. Example: givenName
  • Last Name Attribute Name: Attribute to use for the user's last name. Example: sn
  • Phone Number Attribute Name: Attribute to be used for the phone number. Example: telephoneNumber
• Save by clicking the CREATE button.

After the LDAP integration is complete, the credentials of the users logging in to your application are verified via Active Directory Server.

OAuth 2.0 (Open Authorization 2.0) allows users to securely access an application without sharing credentials.

Add OAuth 2.0 Provider

• Open the Configuration Manager module.
• Create a new configuration or select an existing configuration.
• On the App Settings screen, go to the Authentication & Authorization tab.
• Select ADD NEW from the drop-down menu under the Authentication Provider heading.

• Select the OAuth 2.0 option.
• Enter the required information:
  
  • Name: Specify the name of the provider.
  • Access Token URL: Enter the URL to receive the Access Token.
  • Expiration in Minutes: Enter the validity period of the token in minutes (default: 30 minutes).
  • Client ID and Client Secret: Enter the information provided by your OAuth 2.0 provider.
  • Client Authentication: Select whether to be sent via Header or Body.
  • Scope: Add access permissions if necessary.

• Response Mapping: Define the following fields to map the JSON response in Kuika:

Thanks to the Refresh Token feature of OAuth 2.0, Kuika automatically refreshes the Access Token. You do not need to enter an additional Refresh Token URL for this operation.

• Access Token
• User Name
• First Name
• Last Name
• Refresh Token

Create the provider by clicking the CREATE button.

Generic Auth (REST) is a REST API based authentication system.

Adding a Generic Auth (REST) Provider

• Open the Configuration Manager module.
• Create a new configuration or select an existing configuration.
• Go to the Authentication & Authorization tab.
• Click ADD NEW from the drop-down menu under the Authentication Provider heading.

• Select the Generic Auth (REST) option.
• Enter the required information:
  
  • Name: Specify the name of the provider.
  • REST API URL: Enter the URL to be used for token retrieval. You can access Swagger or Rest API documentation to learn more.
  • Content Type: Select the data format (for example: application/json).
  • Expiration in Minutes: Enter the validity period of the token in minutes (default: 30 minutes).
  • Extra Parameters: Add parameters via Header, Query or Body.

• Response Mapping: Define the following fields to map the JSON response:
  
  • Access Token
  • User Name
  • First Name
  • Last Name
  • Refresh Token

Create the provider by clicking the CREATE button.

MSAL is used to configure Microsoft authentication processes.

Add MSAL Provider

• Open the project you will work with from the Apps screen.
• Click on the Configuration Manager module.
• Create a new configuration or select an existing one.
• Go to the Authentication & Authorization tab.
• Click ADD NEW from the drop-down menu under the Authentication Provider heading.
• Select the MSAL option.

Content added by Global Configuration in the Workspace is displayed as read-only or hidden (***) for unauthorized users.

• Enter the required information:
  
  • Name: Specify the name of the provider.
  • Client ID: Enter the unique ID of the application you retrieved from the Azure portal.
  • Client Secret: Enter the secret key used to authenticate the application.
  • Authority: Specify the authentication URL (e.g. https://login.microsoftonline.com/{tenant}).
  • Scopes: Enter the permissions requested to access (e.g. user.read).
  • Keystore Base64 (Android Only): Enter the Base64 encoded keystore retrieved from the APK file.
  • Cache Location: Select the location to store token and authentication information (for example, localStorage or sessionStorage).
  • Keystore Hash (Android Only): Enter the SHA-1 or SHA-256 hash value.
• Create the provider by clicking the CREATE button.

By following these steps, you can easily integrate different authentication providers on the Kuika platform.