OAuth 2.0

OAuth 2.0 (Open Authorization 2.0) is an authorization protocol that allows users to securely grant access to an application or service without sharing credentials. A common authentication method for web-based and mobile applications, OAuth 2.0 allows your application to manage users' access to specific resources.

OAuth 2.0 Components

  1. Resource Owner:
    • The user who grants access. For example, a user who links their Facebook account to an application.
  2. Client:
    • The application to which the resource owner wants to grant access.
  3. Authorization Server:
    • The server that authenticates the resource owner and grants access. It also creates an Access Token.
  4. Resource Server:
    • A server that hosts resources to which access is granted.

OAuth 2.0 Usage

You can add an OAuth 2.0 authentication provider in the applications you develop with Kuika by following the steps below.

Adding OAuth 2.0 Authentication Provider

  1. Open Configuration Manager Module:
    • Click on the Configuration Manager module in the Header area.
    • Enter a name in Configuration Manager to create a new configuration.
  2. Switch to App Settings Area:
    • On the App Settings screen, go to the Authentication & Authorization tab.
    • Select ADD NEW from the drop-down menu opposite Authentication Provider.
  3. Select OAuth 2.0:
    • On the modal screen that opens, select OAuth 2.0 from the drop-down menu opposite Type.

Making OAuth 2.0 Settings

  1. Enter General Information:
    • Name: Specify the name of the provider.
    • Access Token URL: Enter the URL that will be used to receive the Access Token.
    • Expiration in Minutes: Enter the validity period of the Access Token in minutes (Kuika defaults to 30 minutes if not entered).
  2. Enter Client Information:
    • Client ID and Client Secret: Enter this information provided by your OAuth 2.0 provider.
    • Client Authentication: Select whether this information will be sent via Header or Body. Choose according to the provider requirements.
  3. Define Scope and Response Information:
    • Scope: If required, add Scope information representing your application's access permissions.
    • Response Mapping: Specify the following fields to map the JSON response returned from OAuth 2.0 in Kuika:
      • Access Token
      • User Name
      • First Name
      • Last Name
      • Refresh Token

Thanks to the Refresh Token feature of OAuth 2.0, Kuika automatically refreshes the Access Token. You do not need to enter an additional Refresh Token URL for this process.

  4. Create the Authentication Provider:
    • After completing the necessary information, click the CREATE button.
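
The Client Authentication choice (Header or Body) and the Response Mapping step, shown as an added Python example that is not Kuika's own code: it builds the token request each way without sending it, then maps a constructed JSON response to the five fields. The grant type, the idp.example URL, the JSON key names, the sample values and the function names are assumptions.

```python
import base64
import json
from datetime import datetime, timedelta, timezone
from urllib.parse import quote_plus, urlencode

def build_token_request(token_url, client_id, client_secret, client_auth,
                        grant_fields, scope=None):
    """Build (url, headers, body) for the Access Token URL; nothing is sent."""
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    form = dict(grant_fields)
    if scope:
        form["scope"] = scope
    if client_auth == "header":
        # RFC 6749 section 2.3.1: form-encode both values, then HTTP Basic.
        pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
        headers["Authorization"] = "Basic " + base64.b64encode(pair.encode()).decode()
    elif client_auth == "body":
        # The secret travels as a form field, so request-body logs can capture it.
        form.update(client_id=client_id, client_secret=client_secret)
    else:
        raise ValueError("client_auth must be 'header' or 'body'")
    return token_url, headers, urlencode(form)

def map_response(raw_json, mapping, expiration_minutes=None, now=None):
    """Pick the mapped fields out of the provider's JSON token response."""
    data = json.loads(raw_json)
    mapped = {field: data.get(key) for field, key in mapping.items()}
    if not mapped.get("Access Token"):
        raise ValueError("response has no value at the mapped Access Token key")
    # The page states a 30-minute default when no expiration is entered.
    minutes = expiration_minutes or 30
    now = now or datetime.now(timezone.utc)
    mapped["expires_at"] = now + timedelta(minutes=minutes)
    return mapped

# Constructed sample values; the grant type is an assumption, not from the page.
GRANT = {"grant_type": "client_credentials"}
MAPPING = {"Access Token": "access_token", "User Name": "login",
           "First Name": "given_name", "Last Name": "family_name",
           "Refresh Token": "refresh_token"}
SAMPLE_RESPONSE = ('{"access_token": "tok-constructed", "login": "jdoe", "given_name": "Jane", '
                   '"family_name": "Doe", "refresh_token": "ref-constructed"}')

if __name__ == "__main__":
    for mode in ("header", "body"):
        _, headers, body = build_token_request(
            "https://idp.example/oauth/token", "app-1", "s:ec ret", mode, GRANT, "read")
        print(mode, sorted(headers), body)
    print(map_response(SAMPLE_RESPONSE, MAPPING))
```

RFC 6749 section 2.3.1 requires authorization servers to support HTTP Basic (the Header option) for clients with a secret and marks credentials in the request body as NOT RECOMMENDED, so Body is the fallback for providers that cannot accept the header.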