TimeBase Web Administrator supports two types of authentication: built-in OAuth2 & SSO. One of those types must be enabled to run the application.
In this case the Web Application performs the roles of the authentication service provider.
Built-In Authentication is enabled by default in the standard configuration of the application.
Refer to Configuration to learn how to configure the application.
- Authentication service provider identification check is made upon each application start.
- Browser local storage is checked to have a Refresh Token for the current user.
- If Refresh Token exists, Silent Token Update is performed to obtain a new Access Token.
- If Silent Token Update fails for any reason, the user will be logged out and redirected to a Login page.
To enable SSO with ORY Hydra, add the following configuration.
Refer to Configuration to learn how to configure the application.
spring:
security:
oauth2:
resourceserver:
jwt:
issuer-uri: <service provider uri>
security:
oauth2:
provider:
providerType: SSO
name: hydra
clientId: <client_id>
validateIssuer: false
userInfo:
enable: true
To enable SSO with Amazon Cognito, add the following configuration.
Refer to Configuration to learn how to configure the application.
spring:
security:
oauth2:
resourceserver:
jwt:
issuer-uri: <service provider uri>
security:
oauth2:
provider:
providerType: SSO
name: cognito
clientId: <client_id>
audience: <audience>
configUrl: <service provider config url>
logoutUrl: <service provider logout url>
usernameClaim: username
validateIssuer: true
To enable SSO with Keycloak, add the following configuration.
Refer to Configuration to learn how to configure the application.
spring:
security:
oauth2:
resourceserver:
jwt:
issuer-uri: <service provider uri>
security:
oauth2:
provider:
provider-type: SSO
name: keycloak
clientId: <client_id>
usernameClaim: preferred_username
validateIssuer: false
validateClientId: true
To enable SSO with Auth0, add the following configuration.
Refer to Configuration to learn how to configure the application.
spring:
security:
oauth2:
resourceserver:
jwt:
issuer-uri: <service provider uri>
security:
oauth2:
provider:
providerType: SSO
name: auth0
clientId: <client_id>
audience: <audience url>
configUrl: <configuration url>
logoutUrl: <logout url>
Refer to Auth0 Configuration to learn how to configure Auth0.