MyOrderDesk Single Sign-On Using an OAuth2 Server Follow
Single Sign-on can be accomplished by using an Oauth2 server. OAuth doesn't share password data but instead uses authorization tokens to prove the identity of your customers.
Below you will find information about how to accomplish a setup using this feature.
To use this feature you will need to work with sales to acquire the needed features if your account does not have them already. Once added to your account, our support team can configure your environment to accept the SSO sign-on attempts. Make sure that support is aware of the setup so that can happen during the process.
Settings
Status: Allows you to enable the SSO option
Server
Authorization Url: This is a setting/information needed from the OAuth2 server
Example: https://oauth2.example.com/auth
Token Url: This is a setting/information needed from the OAuth2 server
Example: https://oauth2.example.com/token
UserInfo Url: This is a setting/information needed from the OAuth2 server
Example: https://oauth2.example.com/userinfo
Learn More: https://www.oauth.com/oauth2-servers/authorization/the-authorization-request/
ClientId: This is a setting needed from the OAuth2 server
Client Secret: This is a setting needed from the OAuth2 server
Learn More: https://www.oauth.com/oauth2-servers/client-registration/client-id-secret/
Scope: This is a setting needed from the OAuth2 server.
Learn More: https://oauth.net/2/scope/
Redirect Url: OAuth2 Server will send users back to this URL
Sign In
Button Text: Shows as the "Sign in" text to the end-users
Example: Sign in with OAuth2
Priority: Give OAuth2 SSO priority (redirection) over email/password after X seconds. The default is 5 seconds.
Updates: Allows for Profile information to be updated On Sign In
Sign Up
Accounts: Auto Create MyOrderDesk Account for Authenticated Users.
Group (Mapped) Attribute: Allows for dynamic myorderdesk group assignment. If the mapped attribute is specified and the JSON value for that attribute is valid (AKA: not an empty string) then it'll try to use the mapped attribute; otherwise, it'll fall back on the static attribute.
Group (Static) Assignment: This allows for a fallback mapping to a static MyOrderDesk Group.
Attribute Mapping
Allow for mapping profile data from one system to the next.
JSON Attribute: The same of the JSON attribute from the SSO server
Profile Field: The MyOrderDesk profile field corresponds to the SSO attribute.
Group Mapping
Group mapping is not available unless 'Group (Mapped)' is configured under Settings. This allows you to correspond JSON attribute values to a specific MyOrderDesk Group.
JSON Value: The value of the attribute from the Group (Mapped) Attribute setting
Group: The MyOrderDesk Group that value corresponds to.