Login via VK OAuth2 Identity Provider
Go to https://vk.com/apps?act=manage and create a new VKontakte application. Go to the application's settings, where you will find your app's App Id and App Secret.
Log in to the OpenAM console. Go to Access Control, then select the target realm. Go to Authentication.
Under the section Module Instances, create a new authentication module. Enter a name for the new module instance, for example vkontakte. The authentication module type is OAuth 2.0 / OpenID Connect.
Then select the module you have just created from the module list and enter the following settings:
Setting | Value |
---|---|
Client Id | Your VKontakte Application App Id |
Client Secret | Your VKontakte Application App Secret |
Authentication Endpoint URL | https://oauth.vk.com/authorize |
Access Token Endpoint URL | https://oauth.vk.com/access_token |
User Profile Service URL | https://api.vk.com/method/users.get |
Scope | The scope to request, as defined in the VKontakte documentation, for example email |
OAuth2 Access Token Profile Service Parameter name | access_token |
Proxy URL | [Your OpenAM URL]/oauth2c/OAuthProxy.jsp, for example: https://openam.example.com/openam/oauth2c/OAuthProxy.jsp |
Account Provider | org.forgerock.openam.authentication.modules.common.mapping.DefaultAccountProvider |
Account Mapper | org.forgerock.openam.authentication.modules.common.mapping.JsonAttributeMapper |
Account Mapper Configuration | Attribute configuration used to map the account of the user authenticated at the OAuth 2.0 Provider to the local data store in OpenAM. Example: id=uid |
Attribute Mapper | org.forgerock.openam.authentication.modules.common.mapping.JsonAttributeMapper |
Attribute Mapper Configuration | Attribute configuration used to map the user info obtained from the OAuth 2.0 Provider to the local user data store in OpenAM. Example: last_name=givenName id=uid |
Set the remaining attributes according to the requirements of your authentication process, then press Save and then Back to Authentication.
Under the section Authentication Chaining, create a new authentication chain, enter its name, for example vkontakte, and add the recently created module vkontakte.
Your authentication chain should look like this:
Instance | Criteria | Options |
---|---|---|
vkontakte | Required | |
Go to [Your OpenAM URL]/UI/Login?org=[your org]&service=[vkontakte auth chain], for example, http://example.openam.com/openam/UI/Login?org=/&service=vkontakte, and you should see the VKontakte authentication dialog.
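A pre-flight check for the settings entered above, as an added example that is not part of the original page or of OpenAM itself. The function names are hypothetical, the mapper examples are assumed to be one `provider_field=local_attribute` entry per item, and the OpenAM host is the page's example host.

```python
from urllib.parse import urlencode, urlsplit

# Values copied from the settings table; the OpenAM host is the page's example host.
SETTINGS = {
    "Authentication Endpoint URL": "https://oauth.vk.com/authorize",
    "Access Token Endpoint URL": "https://oauth.vk.com/access_token",
    "User Profile Service URL": "https://api.vk.com/method/users.get",
    "Proxy URL": "https://openam.example.com/openam/oauth2c/OAuthProxy.jsp",
    "Account Mapper Configuration": ["id=uid"],
    "Attribute Mapper Configuration": ["last_name=givenName", "id=uid"],
}
VK_ENDPOINTS = ("Authentication Endpoint URL", "Access Token Endpoint URL",
                "User Profile Service URL")


def parse_mapping(entries):
    """Turn 'provider_field=local_attribute' entries into a dict, rejecting malformed ones."""
    mapping = {}
    for entry in entries:
        remote, sep, local = (part.strip() for part in entry.partition("="))
        if not (sep and remote and local):
            raise ValueError(f"malformed mapping entry: {entry!r}")
        mapping[remote] = local
    return mapping


def check_settings(settings):
    """Return a list of problems found in the module settings (empty list means clean)."""
    problems = []
    for key in VK_ENDPOINTS + ("Proxy URL",):
        url = urlsplit(settings[key])
        if url.scheme != "https":  # secrets, codes and tokens travel over these URLs
            problems.append(f"{key}: must use https")
        host = url.hostname or ""
        if key in VK_ENDPOINTS and host != "vk.com" and not host.endswith(".vk.com"):
            problems.append(f"{key}: host {host!r} is not under vk.com")
    if not urlsplit(settings["Proxy URL"]).path.endswith("/oauth2c/OAuthProxy.jsp"):
        problems.append("Proxy URL: path must end with /oauth2c/OAuthProxy.jsp")
    for key in ("Account Mapper Configuration", "Attribute Mapper Configuration"):
        try:
            parse_mapping(settings[key])
        except ValueError as exc:
            problems.append(f"{key}: {exc}")
    return problems


def login_url(openam_base, org, chain):
    """Build the chain's login URL with org and service percent-encoded."""
    return f"{openam_base.rstrip('/')}/UI/Login?{urlencode({'org': org, 'service': chain})}"
```

An empty list from `check_settings` means the table values passed every check; `login_url` returns the URL to open for the final step.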