Configure the pre-built OAuth 2.0 authentication plugin module
Along with the installation of Hubway Connect you might have opted for the use of custom authentication methods. If your authentication method of choice is OAuth 2.0, you will not need to implement it from scratch, as we provide a example of its implementation through a Hubway authentication plugin, called HWAuthentication_OAuth2.
* Note that this module is optional and if you donโt have it available on your environment, reach out to our support team.
By default, signature verification is enabled. To disable it open the module in ServiceCenter and set the VerifySignature site property
to False. To enable it follow these steps:
- Open your Ping console generated in Create Ping Account
-
Go to Applications and click on the created application, navigate to the Configuration tab
-
Click on the pencil on the top right corner to edit the configuration
-
Add https://example.com in the Redirect URIs field and save
-
- Expand the URLs section
-
-
Paste the following path on your browser:
{Authorization URL}?response_type=token id_token&client_id={Client ID}&redirect_uri=https://example.com&scope=openid%20profile
* {Authorization URL} and {Client ID} are displayed in the Configuration tab of the created app.
-
Youโll be requested to login with the Ping user created in Create Ping Account (and might be requested to change the password)
-
After login, copy the link from the browser, and retrieve the id_token from the path.
Example: https://example.com/#access_token=eyJraWQiOiJ[..]kgUqDv7w&[..]&id_token=eyJraWQ[..]eoCl0VtbmY7Q -
Open the module HWAuthentication_OAuth2 in ServiceCenter and to include the signature verification, set the following site properties
-
ExpectedSignatureKeyId
-
Open JWT.IO and paste the id_token
-
Copy the kid value and set the value of the site property
-
-
SignatureKey
-
In Ping open the Application and navigate to the Configuration tab and expand the URLs
-
Copy the JWKS Endpoint and open it in a browser tab
-
Search for the key with the same kid value as the one defined in JWT.IO , and set the value of this site property with the entire content of the JSon record you found
Example:
{ “kty”: “RSA”, “e”: “AQAB”, “use”: “sig”, “x5t”: “TXBdKPlRe7upoxbRxLEzlGgkTN8”,
ย ย “kid”: “d9aa0090-4317-11ee-ac7e-776c27709711”,
ย ย “x5c”: [
“MIIDtDCCApygAwIBAgIGAYorkL6UMA0GCSqGSIb3DQEBCwUAMIGaMQswCQYDVQQGEwJVUzEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEWMBQGA1UECwwNUGluZyBJZGVudGl0eTFbMFkGA1UEAwxSUGluZ09uZSBLZXkgUm90YXRpb24gUG9saWN5IGZvciBDdXN0b21lciBTb2x1dGlvbiBFbnZpcm9ubWVudCA3NWVhMjUyOCBlbnZpcm9ubWVudDAeFw0yMzA4MjUwMDAwMDBaFw0yNDA4MjUwMDAwMDBaMIGaMQswCQYDVQQGEwJVUzEWMBQGA1UECgwNUGluZyBJZGVudGl0eTEWMBQGA1UECwwNUGluZyBJZGVudGl0eTFbMFkGA1UEAwxSUGluZ09uZSBLZXkgUm90YXRpb24gUG9saWN5IGZvciBDdXN0b21lciBTb2x1dGlvbiBFbnZpcm9ubWVudCA3NWVhMjUyOCBlbnZpcm9ubWVudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOZE8+rV+kMqHyP7ruKsLj4ECZlvwAR7mDXS91a6TzbAa37W3u1Q82kwr/XSEh0UB1g8fv+46XPH6XlkMr3dSQC6385vo2RQKWIjQ4oGTvoGEpuwYDj5XOTE9lk1THCAr7N8mnp9F3YVSA13zl4xTet167lWQMyv5UaLs7CE3QI50egEZUP0enqnqNJimMYmYxAexXKRlcP2V/Je0pEWbfEEf/gcMkj1k2ECyPbFYbf3GoKFkkKe8ilcBLZ6qmY5KhogrSyKv3ulySNuct30iBrXyvsQ6Msu6DCmS61q3ug+5S/xvNIXUl5fnJUp58h/G6FPHg3KAZAXh4NUrArTVLUCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAz8+WsGDrHJmfBq+YJOv/vzNqKiWuZH9c8oWWcwQ88Bt93/ik9j68iPo9cVp5gc5k+zMbZ+3MSfmPFwDSrc2wO+2WeDTauK4JpKyA01rPugOtXCjdLhmpWoyqwZLGNZXLXiyyEVexaxmid7Y+4oilT4u1jw7obTa9RAM/hHpl9v56M2cgZUm5HFCbdlbTL+fBx9CiYgqrlGhm5NQjOCJ/KZURywfKV5M7p2xf9/GN/iElu/RUadNfJLvdHtWonOHg2NsxJmFANm5Z02Ox4zuBc1VIdrW+h5gtCKOD4g2bEo6pe+JJVr02ZNPQImRT0Vox6EaOCYmGeosZmjNu8a4c/g==” ],
ย ย “n”: “5kTz6tX6QyofI_uu4qwuPgQJmW_ABHuYNdL3VrpPNsBrftbe7VDzaTCv9dISHRQHWDx-_7jpc8fpeWQyvd1JALrfzm-jZFApYiNDigZO-gYSm7BgOPlc5MT2WTVMcICvs3yaen0XdhVIDXfOXjFN63XruVZAzK_lRouzsITdAjnR6ARlQ_R6eqeo0mKYxiZjEB7FcpGVw_ZX8l7SkRZt8QR_-BwySPWTYQLI9sVht_cagoWSQp7yKVwEtnqqZjkqGiCtLIq_e6XJI25y3fSIGtfK-xDoyy7oMKZLrWre6D7lL_G80hdSXl-clSnnyH8boU8eDcoBkBeHg1SsCtNUtQ”
}
-
-
-
- You can use the id_token as the bearer token when accessing a Hubway project with OAuth 2.0 authentication
See an example of how to use a Bearer token, when consuming APIs, using Postman:
Next step: Configure Hubway OAuth2 Client Sample app