The OAuth setup process involves a series of configuration tasks performed by different roles (i.e. Site Administrator, API Provider, and App Developer) to achieve the end result of being able to authorize your app using an OAuth Provider. This quick start provides an end-to-end walkthrough to illustrate the overall process and roles performing each task. The walkthrough includes links to more detailed topics within the help.
| Tasks | Performed By / Description |
|---|---|
| Install Resource Owner and OAuth Provider Features | Site Administrator This task is performed using the Akana Administration Console. Each feature installs one or more domains to the Site Administration > Domains section in the platform, and the domains are available for selection via the Add Domain function. Note: This task is performed as part of the initial platform setup process. |
| Configure Resource Owner Domain | Site Administrator / API Provider This task is performed in the Site Administration > Domains section using the Add Domain function. A Resource Owner domain is an identity store that defines OAuth Providers you would like to establish access permissions with. Selecting a Resource Owner is typically based on the most common method by which users will be accessing an API or application (Google®, Yahoo®, Facebook®, etc.). Note: Configuring one or more Resource Owner domains is a prerequisite to configuring an OAuth Provider domain. Configured Resource Owner domains automatically populate the OAuth Provider domain user interface and are required input when you configure the OAuth Provider domain. CA SiteMinder or LDAP Skip this step if you are you are using a Policy Manager CA SiteMinder or LDAP Identity System that you have integrated and configured to support Single Sign-On as the Identity System will already display on the list of available domains in the Resource Owner Authentication Domain drop-down list in the Admin > Add Domain > OAuth Provider wizard (Grant Types tab). |
| Configure OAuth Provider Domain | Site Administrator / API Provider This task is performed in the Site Administration > Domains section using the Add Domain function. The OAuth Provider domain option must first be populated with Resource Owner domains that represent the various OAuth Providers you would like to establish access permissions with. |
| Configure API with OAuth Provider | API Provider This task is performed in the API > API Details section using the OAuth Details function. The Resource Owner and OAuth Provider domains must be pre-defined by the Site Administrator and available for selection in the API OAuth Wizard. |
| Configure OAuth Profile for App | App Developer This task is performed in the App > OAuth Profile section. |
| Send Requests to App to test OAuth Configuration | App Developer You can also try out a specific API, with you app or on its own. Go to API > Test Client. |
Performed by: Site Administrator
Before you can configure authorization domains, you must install the Resource Owner and OAuth Provider domains via the Akana Administration Console. Site Administrators can refer to the Akana API Platform Installation Guide (available on the Akana Support Site) for complete installation instructions. See What domain types are supported? for a list of features and descriptions.
Note: This task is performed as part of the initial platform setup process.
Performed by: Site Administrator / API Provider
The first step in the OAuth Provider configuration process is to identity the target user base that will require authorization when logging into an application. For example, if your users typically use Google as a method of performing an external login, the Site Admin will need to set up a Google Connector domain. If your users typically use SiteMinder as a method of performing an external login, they will require an LDAP identity store.
CA SiteMinder or LDAP
Skip this step if you are you are using a Policy Manager CA SiteMinder or LDAP Identity System that you have integrated and configured to support Single Sign-On as the Identity System will already display on the list of available domains in the Resource Owner Authentication Domain drop-down list in the Admin > Add Domain > OAuth Provider wizard (Grant Types tab).
Performed by: Site Administrator / API Provider
After configuring your Resource Owner Domain, the second step is to configure an OAuth Provider domain.
Performed by: API Provider
After the Site Administrator / API Provider configures the Resource Owner and OAuth Provider domains, they are available on the API > Details page via the OAuth Details function.
Performed by: App Developer
Performed by: App Developer