In the applications you develop with Kuika, you can use the Kuika Auth authentication method by default or you can customize authentication processes by selecting another Authentication Provider.
This training content consists of the following topics:
LDAP
OAuth 2.0
Generic Auth (REST)
MSAL
Authentication Provider Selection
1. Authentication & Authorization Tab
Log in to the Kuika platform.
Open the project you will work on from the Apps screen.
Click on the Configuration Manager module.
Go to the Authentication & Authorization tab.
2. Provider Selection
Click the drop-down menu opposite the Authentication Provider heading.
You can use Kuika Auth by default or you can add a new Authentication Provider by clicking ADD NEW.
3. Specify Provider Type
In the modal screen that opens, click on the drop-down menu opposite Type.
Select one of the following provider types:
Generic Auth (REST)
OAuth 2.0
LDAP
MSAL (Microsoft Authentication Library)
4. Filling in the Required Information
Fill in the information requested on the modal screen depending on the Authentication Provider you have selected.
The fields required for authentication vary depending on the type of provider you choose.
5. Add Provider
After completing the information, click the CREATE button to save your selection.
LDAP
LDAP (Lightweight Directory Access Protocol) provides secure access to your application by controlling the users defined in Active Directory Windows Server.
Add LDAP Provider
Open the App Settings configuration screen from the Configuration Manager module.
Go to the Authentication & Authorization tab.
Click the drop-down menu under the Authentication Provider heading.
Select ADD NEW.
In the Authentication Provider Setting modal screen, select LDAP.
Enter the required information:
IP Address: Enter the IP address of the Active Directory Server.
Username and Password: Enter a username and password with the Admin role.
Port: Specify the port number to be used for the LDAP connection. (Default: 389 or 636 for LDAPS)
Distinguished Name: Specify the base directory path to connect to. Example: DC=example,DC=com
Search Distinguished Name: Specify the directory root to search for users.
Search Template: Define the user search template. Example: (sAMAccountName={0})
Bind Type: Select the user authentication type: Simple, Anonymous, or Regular.
Protocol: Select the binding protocol: LDAP or LDAPS.
User Name Attribute Name: The LDAP attribute to use for user name information. Example: sAMAccountName.
First Name Attribute Name: Attribute to use for the user's name. Example: givenName
Last Name Attribute Name: Attribute to use for the user's last name. Example: sn
Phone Number Attribute Name: Attribute to be used for the phone number. Example: telephoneNumber
Save by clicking the CREATE button.
After the LDAP integration is complete, the credentials of the users logging in to your application are verified via Active Directory Server.
oAuth 2.0
OAuth 2.0 (Open Authorization 2.0) allows users to securely access an application without sharing credentials.
Add OAuth 2.0 Provider
Open the Configuration Manager module.
Create a new configuration or select an existing configuration.
On the App Settings screen, go to the Authentication & Authorization tab.
Select ADD NEW from the drop-down menu under the Authentication Provider heading.
Select the OAuth 2.0 option.
Enter the required information:
Name: Specify the name of the provider.
Access Token URL: Enter the URL to receive the Access Token.
Expiration in Minutes: Enter the validity period of the token in minutes (default: 30 minutes).
Client ID and Client Secret: Enter the information provided by your OAuth 2.0 provider.
Client Authentication: Select whether to be sent via Header or Body.
Scope: Add access permissions if necessary.
Response Mapping: Define the following fields to map the JSON response in Kuika:
Thanks to the Refresh Token feature of OAuth 2.0, Kuika automatically refreshes the Access Token. You do not need to enter an additional Refresh Token URL for this operation.
Access Token
User Name
First Name
Last Name
Refresh Token
Create the provider by clicking the CREATE button.
Generic Auth (Rest)
Generic Auth (REST) is a REST API based authentication system.
Adding a Generic Auth (REST) Provider
Open the Configuration Manager module.
Create a new configuration or select an existing configuration.
Go to the Authentication & Authorization tab.
Click ADD NEW from the drop-down menu under the Authentication Provider heading.
Select the Generic Auth (REST) option.
Enter the required information:
Name: Specify the name of the provider.
REST API URL: Enter the URL to be used for token retrieval. You can access Swagger or Rest API documentation to learn more.
Content Type: Select the data format (for example: application/json).
Expiration in Minutes: Enter the validity period of the token in minutes (default: 30 minutes).
Extra Parameters: Add parameters via Header, Query or Body.
Response Mapping: Define the following fields to map the JSON response:
Access Token
User Name
First Name
Last Name
Refresh Token
Create the provider by clicking the CREATE button.
Microsoft Authentication Library (MSAL)
MSAL is used to configure Microsoft authentication processes.
Add MSAL Provider
Open the project you will work with from the Apps screen.
Click on the Configuration Manager module.
Create a new configuration or select an existing one.
Go to the Authentication & Authorization tab.
Click ADD NEW from the drop-down menu under the Authentication Provider heading.
Select the MSAL option.
Content added by Global Configuration in the Workspace is displayed as read-only or hidden (***) for unauthorized users.
Enter the required information:
Name: Specify the name of the provider.
Client ID: Enter the unique ID of the application you retrieved from the Azure portal.
Client Secret: Enter the secret key used to authenticate the application.
Authority: Specify the authentication URL (e.g. https://login.microsoftonline.com/{tenant}).
Scopes: Enter the permissions requested to access (e.g. user.read).
Keystore Base64 (Android Only): Enter the Base64 encoded keystore retrieved from the APK file.
Cache Location: Select the location to store token and authentication information (for example, localStorage or sessionStorage).
Keystore Hash (Android Only): Enter the SHA-1 or SHA-256 hash value.
Create the provider by clicking the CREATE button.
By following these steps, you can easily integrate different authentication providers on the Kuika platform.
