Authentication Providers

In the mobile and web applications you develop with Kuika, you can use the LDAP option, a security and user authentication system, to check your users defined in your Active Directory Windows server when logging into the application.

In this training content;

The context of adding LDAP as an authentication provider will be described.

1. Add LDAP as Authentication Provider

To add LDAP as an authentication provider, go to the App Settings configuration screen in Configuration Manager view mode.

Under the Authentication & Authorisation tab, click the drop-down menu opposite Authentication Provider.

In the pop-up screen titled Authentication Provider Setting, select LDAP as the authentication provider type.

You must add the configuration name to the Name field and the Active directory server IP Address to the IP Address field. For Username and Password fields, enter the username and password of a user who is in the admin role in Active Directory and click the CREATE button.

OAuth 2.0 (Open Authorisation 2.0) is an authorisation protocol used when granting users access to an application or service. OAuth 2.0 is a popular authorisation method, especially for web-based and mobile applications. OAuth 2.0 allows an application to manage users' access to certain resources (such as a social media account or cloud storage service) and to securely authorise users to access those resources without sharing credentials.

OAuth 2.0 consists of four key components:

• Resource Owner: The resource owner is the user who grants access. For example, if a user wants to grant access to his/her Facebook account to another application, this user is the resource owner.
• Client: The client is the application to which the resource owner wants to grant access. The client represents the party that wants to access the resources.
• Authorisation Server: The authorisation server authenticates the resource owner and grants access. This server manages processes such as verifying the user's identity and authorisation information and creating an access token.
• Resource Server: A resource server is a server that hosts resources to which access is granted. For example, a photo sharing application resource server stores the user's photos.

While configuring the backend of the application you developed with Kuika, you can add oAuth 2.0 to the backend configuration.

1. Add oAuth 2.0 as Authentication Provider

Click the Configuration Manager view mode in the Header area. Create a new configuration setting by naming Configuration Manager.

Configuration Manager View Mode

In App Settings, in Authentication & Authorisation field, go to Authentication Provider field.

Add an Authentication Provider configuration

Click ADD NEW in the Selectbox. Select oAuth 2.0 from the Type field.

You can add oAuth 2.0 as an authentication provider to the applications you develop with Kuika.

Entering oAuth information on the pop-up that opens

On the oAuth 2.0 screen, you must fill in the requested information to make the settings.

• Name the authentication provider via the text input box opposite the Name heading.
• The next thing you need to do for oAuth 2.0 is to add the information in the Request drop-down menu.

oAuth2.0 Request information input

• First of all, you must enter the Access Token URL in order to log in / get Access Token from oAuth 2.0.
• Then enter the time after which the received Access Token will expire in minute type via the text input box opposite Expiration in Minutes. If you do not enter Expiration in Minutes, Kuika will set a time of 30 minutes by default.
• The next step is to enter the Client ID and Client Secret information provided by the server, which is required to invoke oAuth 2.0.
• After entering the Client ID and Client Secret information, in the next step, you must select whether you want to send the Client ID and Client Secret information in the Header or Body via the drop-down menu opposite Client Authentication.

oAuth2.0 Client Authentication selection

• You must perform the selection process in accordance with the working type (header/body) of oAuth 2.0 on the other side.
• After the selection process, if you have a Scope, you must enter the Scope in String type via the text input box opposite the Scope.
• Another information you need to add for oAuth 2.0 is Response information.
• A Response will be returned by executing the Request information entered.
• Some information is needed to match the returned Response in Kuika.

Entering Response data

• This information is Access Token, User Name, First Name, Last Name and Refresh Token. You can access this information from the .json file in the return value.
• Since oAuth 2.0's Refresh Token continues with Refresh Token via Acces Token URL, Kuika can automatically call Refresh Token in the background. Thus, you do not need to enter a Refresh Token URL again.

After entering the required information, click the CREATE button to create the authentication provider.

Generic Auth (Rest) is an authentication provider that is typically used by an application or system to authenticate users. In this case, the provider called Generic Auth (Rest) is used to manage REST API based authentication processes. Generic creates a structure that can call the token of the REST API.

While configuring the backend of the application you developed with Kuika, you can add Generic Auth (REST) to the backend configuration.

1. Add Generic Auth (REST) as Authentication Provider

Click the Configuration Manager view mode in the Header area. Create a new configuration setting by naming Configuration Manager.

In App Settings, in Authentication &Authorisation field, go to Authenication Provider field.

Add an Authentication Provider configuration

Click ADD NEW in the Selectbox. Select Generic Auth from the Type field. You can add Generic Auth(Rest) as an authentication provider to the applications you develop with Kuika.

On the Generic Auth (REST) screen, you must fill in the requested information to make the settings.

• Name the authentication provider via the text input box opposite the Name heading.
• The next thing you need to do for Generic Auth (Rest) is to make Token settings. There is some information you need to fill in the Token Settings drop-down menu.
• Firstly, you must provide the REST API URL entry to access the user information.
• The URL is the API URL that the user opens out to get the Token and returns the Token. It is possible to get the URL from Swagger.

• The Content Type of the API returning the token is selected.

• application/json is a data transmission and storage format and is a media type or MIME type for text-based data formats. JSON organises data in the form of key-value pairs. A JSON data can contain basic data types such as objects, arrays, arrays, numbers, text, boolean (true/false) values and null values.
• application/x-www-form-urlencoded is an encoded media type (MIME type) of the form data sent by web browsers to servers.

• This type of encoding makes the data URL compliant, so that characters with special meaning in the URL, such as special characters and spaces, are encoded appropriately. For example, if a username is entered as ‘john_doe’ and a password is entered as ‘pass123’, this form data could be submitted as
• username=john_doe&password=pass123

The expiry time of the Token is determined in the Expiration In Minutes field in minute type. Enter the Token validity period as a numeric value via the text box opposite the ‘Expiration In Minutes’ heading. For example (when 30min is entered, this value is entered. It is not converted.

• Then, if there is an extra Header, Query and Body parameter to call the information in the entered URL, add parameters and enter the parameter information as key and value pair.
• When Header is selected, it is used as a Header parameter when calling the Rest API. You can send authentication information using the ‘Authorisation’ header as a Header parameter. This header is used to pass the necessary information to the authentication provider to verify your user identity.
• When Query is selected, the query parameter is typically used to redirect the user to the authentication page or to pass specific information during the authentication process. For example,

         https://authorization-provider.com/login?client_id=abc123&redirect_uri=https://myapp.com/callback&scope=openid%20profile&response_type=code

• When Body is selected, the Body parameter specifies a specific media type (MIME type). This determines how the Body is processed and interpreted. For example, an HTTP body containing JSON data may use the application/json MIME type, while an HTML page may use the text/html MIME type.

Body is generally used in POST and PUT requests. In cases where data needs to be sent to the server, the Body parameter is used. It is frequently used especially in data entry or update operations such as web forms.

Generic Auth(REST) Token settings parameter addition

• Kuika allows you to add username and password parameters automatically. All you need to do is to click the ADD PARAMETERS button under the parameter heading and select Custom, Username, Password, items in the drop-down menu.
• The Value information of Username and Password items are automatically filled in by Kuika. You only need to specify the parameter type (Header, Query, Body) and keys.
• Another information you need to add for Generic Auth (Rest) is Refresh Token settings. Refresh Token allows a refresh operation to be performed to provide access due to a timeout.
• You can set the Refresh Token via the Refresh Token Settings tab.

Entering Generic Auth(REST) Refresh Token settings

• Firstly, enter the Refresh Token URL via the text box opposite the Token URL title.
• Then select the URL content type via the drop-down menu opposite the URL Content Type heading.
• Then, if there is an extra Header, Query and Body parameter to call the information in the Refresh Token URL, add a parameter and enter the parameter information as key and value pair.

Generic Auth(REST) Refresh Token settings parameter addition

• Kuika allows you to add Token and Refresh Token parameters automatically. All you need to do is to select Token and Refresh Token items in the drop-down menu by clicking the ‘ADD’ button under the parameter heading.
• Value information of Token and Refresh Token items are automatically filled in by Kuika. You only need to specify the parameter type (Header, Query, Body) and keys.
• Another information you need to add for Generic Auth (Rest) is the ‘Response’ information.
• A Response will be returned by executing the Token information entered.
• Some information is needed to match the returned Response in Kuika.

Entering Generic Auth(REST) Response settings

• This information is Access Token, User Name, First Name, Last Name and Refresh Token. You can access this information from the returned .json file.
• If you have Refresh Token, you can enter the Refresh Token information via the text box opposite the Refresh Token title under Response.

After entering the required information, click the CREATE button to create your authentication provider.

User manual content related to Microsoft Authentication Library (MSAL) will be published here soon.