AEM Mobile: Setting up Google as an Identity Provider


Requirement:

Prerequisite knowledge
Understanding of AEM Mobile

Required Products
AEM Mobile
Google Account

Generating the client ID and secret

To integrate with the Google OAuth service, you will need to generate a client ID and client secret pair with the right configuration.

1. Navigate to the Google developer portal.

2. If you have already logged in, continue to the next step. Otherwise, you will be prompted to sign in with a Google account.

3. From the Google developer portal, select the Credentials option from the left rail.

4. Under the Credentials tab, select the Create credentials button.

5. From the dropdown, select OAuth client ID.

6. When creating the client ID, select Web application as the application type:
   a. Enter the desired name for this application.
   b. Enter the authorized redirect URI, which is also shown in the Identity Provider: https://es.publish.adobe.com/oauth2
   c. Select the "Create" button.

7. When successfully created, the client ID and client secret will be displayed in the next screen.

Adding Google as an Identity Provider

Now that you have the Google OAuth client ID and secret, you can set up Google as an Identity Provider in the AEM Mobile On-Demand Services. Below are the necessary configurations:

1. Authorization Grant Type: choose either Authorization Code or Implicit.
2. Token Endpoint: enter the following Google OAuth token URL: https://accounts.google.com/o/oauth2/token
3. Client Secret: the Google client secret that was generated previously (see: Generating the client ID and secret earlier in this article).
4. Authorization Endpoint: enter the following Google OAuth authorization URL with the necessary parameters:
   a. https://accounts.google.com/o/oauth2/auth?access_type=offline&prompt=consent
   b. The authorization URL allows for more optional parameters. For the full list, please refer to the Google documentation: Using OAuth 2.0 for Client-side Web Applications.
5. Client Identifier: the Google client ID that was generated previously (see: Generating the client ID and secret earlier in this article).
6. Access Token Scope: enter the desired access that the token will need, such as email, profile.

Granting access based on Google user

Once Google is set up as an Identity Provider in AEM Mobile, users can log in with their Google account. To entitle a Google user to a collection, you will need to set up an entitlement service with the get entitlement request.

1. After a successful login with Google, the AEM Mobile Runtime will send an access token to the entitlement service in the following POST data field:
   o authtoken
2. Using the following Google API, you can use the access token to pull the user profile from Google:
   o https://www.googleapis.com/oauth2/v1/userinfo?access_token=<ACCESS_TOKEN>
3. If you have entered email and profile in the access token scope previously (see: Adding Google as an Identity Provider earlier in this article), then you should see the basic Google user profile and email information.
   o Optionally, you can cache the access token and email so that you can limit the number of requests in step #2 and increase performance. For example, cache the access token and email for up to 24 hours so that the email address is only requested once a day.
4. Depending on your entitlement service setup, you can query the entitlement server using the Google user email for the list of entitled product IDs.

Sample Code

The following is an example for an entitlement service written in PHP:

<?php
// http://<your_entitlement_server>/services/index.php

// one of the many ways of filtering special characters,
// there are also more sophisticated 3rd party libraries that do this
function escapeurldata($datatoescape) {
    // get_magic_quotes_gpc() was removed in PHP 8, so only call it where it exists
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $datatoescape = stripslashes($datatoescape);
    } else {
        $datatoescape = strip_tags($datatoescape);
    }
    return $datatoescape;
}

// attempts to read the access token POST from the AEM Mobile Runtime
$authtoken = isset($_REQUEST["authtoken"]) ? escapeurldata($_REQUEST["authtoken"]) : null;

// continues only if the access token is provided
if ($authtoken) {
    // trade in the access token for user profile using the Google API
    $response = file_get_contents('https://www.googleapis.com/oauth2/v1/userinfo?access_token=' . urlencode($authtoken));

    // decode the JSON string in order to access the data
    // (file_get_contents returns false if the request failed)
    $googleuser = ($response !== false) ? json_decode($response, true) : null;

    // the Google user email is in the "email" property;
    // it stays null when Google rejected the token or returned no email
    $googleuseremail = isset($googleuser['email']) ? $googleuser['email'] : null;

    // TODO: using the Google user email,
    // query the entitlement server for a list of entitled product IDs
}
?>
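The optional caching described in step 3 of "Granting access based on Google user" can be sketched as follows. This is an added example, not part of Adobe's sample code: lookupemail(), $cachedir and the injected $fetch callable are hypothetical names, and the demonstration at the end uses a constructed response so that it runs offline.

```php
<?php
// Added example (not Adobe's sample): cache the token -> email lookup for up to
// 24 hours. lookupemail(), $cachedir and the $fetch callable are hypothetical names.
const CACHE_TTL = 86400; // 24 hours, the upper bound the guide suggests

function lookupemail(string $authtoken, string $cachedir, callable $fetch, ?int $now = null): ?string
{
    $now = $now ?? time();
    // Key the entry by a hash so the bearer token itself is never written to disk.
    $file = $cachedir . '/' . hash('sha256', $authtoken) . '.json';
    if (is_file($file)) {
        $entry = json_decode((string) file_get_contents($file), true);
        if (is_array($entry) && isset($entry['email'], $entry['expires']) && $entry['expires'] > $now) {
            return $entry['email']; // fresh hit: no request to Google
        }
        @unlink($file); // expired or corrupt entry
    }
    $response = $fetch($authtoken); // JSON body, or false on failure
    $profile = is_string($response) ? json_decode($response, true) : null;
    // Cache only a well-formed address; error responses are never cached.
    if (!is_array($profile) || !isset($profile['email'])
        || filter_var($profile['email'], FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    $entry = ['email' => $profile['email'], 'expires' => $now + CACHE_TTL];
    file_put_contents($file, json_encode($entry), LOCK_EX);
    chmod($file, 0600); // readable by the service account only
    return $profile['email'];
}

// Fetcher for production use: the userinfo request from the guide.
$googlefetch = function (string $token) {
    return @file_get_contents(
        'https://www.googleapis.com/oauth2/v1/userinfo?access_token=' . urlencode($token));
};

// Offline run with a constructed response and a counter of upstream requests.
$calls = 0;
$fakefetch = function (string $token) use (&$calls) {
    $calls++;
    return $token === 'constructed-token' ? '{"email":"reader@example.com"}' : '{"error":"invalid"}';
};
$dir = sys_get_temp_dir() . '/entitlement-cache-' . getmypid();
@mkdir($dir, 0700);
$first  = lookupemail('constructed-token', $dir, $fakefetch); // fetched upstream
$second = lookupemail('constructed-token', $dir, $fakefetch); // served from cache
$third  = lookupemail('unknown-token', $dir, $fakefetch);     // rejected, not cached
var_dump($first, $second, $third, $calls);
```

A cached entry is honoured until it expires even if the token has been revoked at Google in the meantime, so a shorter TTL narrows that window.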

Legal Notice

The contents of this guide are subject to the Terms of Use, are furnished under license and may be used or copied only in accordance with the terms of such license. No part of this guide may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, recording, or otherwise, without the prior written permission of Adobe Systems Incorporated. Please note that the content in this guide is protected under copyright law even if it is not distributed with software that includes an end user license agreement. The content of this guide is furnished for informational use only, is subject to change without notice, and should not be construed as a commitment by Adobe Systems Incorporated. Adobe Systems Incorporated assumes no responsibility or liability for any errors or inaccuracies that may appear in the informational content contained in this guide. Please remember that existing artwork or images that you may want to include in your project may be protected under copyright law. The unauthorized incorporation of such material into your new work could be a violation of the rights of the copyright owner. Please be sure to obtain any permission required from the copyright owner.