Setting up SingleSignon

Before going into the detailed configuration please make sure https/SSL is enabled. 

 Set the following configurations to true 

 

 securitySslLogin 

 securitySslPages 

 

 Next activate service icons on the login page 

 

 oauthLoginDisplay 

 

 Google Oauth 

 Using an existing Google account , go to the [ credentials section ]. 

 Navigate to "Credentials" in the left menu. 

 First setup Oauth messages in the  Oauth conscent  section 

 

 Logo, privacy policies etc. are not required but make things look better 

 Note that domain authentication is not required 

 

 Next setup setup credentials 

 

 Navigate back to credentials 

 Click  Create credentials 

 Fill out the information

 

 Authorized JavaScript origins:  https://alpha.tempusserva.dk 

 Authorized redirect URIs:  https://alpha.tempusserva.dk/TempusServa/SignInGoogle 

 

 

 Credentials are generated 

 Copy credentials to your Tempus Serva configuration

 

 oauthGoogleClient = [Client ID] 

 oauthGoogleSecret = [Client secret] 

 

 

 Finally

 

 oauthGoogleAllow = true 

 

 

 

 

 LinkedIn Oauth 

 Follow the guide 

 Copy credentials to 

 

 oauthLinkedinClient 

 oauthLinkedinSecret 

 

 Enable 

 

 oauthLinkedinAllow 

 

 Callback URL 

 

 https://sample.tsnocode.com/app/SignInLinkedin 

 

 Facebook Oauth 

 Follow the guide 

 Copy credentials to 

 

 oauthFacebookClient 

 oauthFacebookSecret 

 

 Enable 

 

 oauthFacebookAllow 

 

 Callback URL 

 

 https://sample.tsnocode.com/app/SignInFB 

 

 Azure Oauth 

 Follow the guide 

 Copy credentials to 

 

 oauthAzureTenant 

 oauthAzureClient 

 oauthAzureSecret 

 

 Enable 

 

 oauthAzureAllow 

 

 Callback URL 

 

 https://sample.tsnocode.com/app/SignInAzure 

 

 ADFS Oauth 

 Follow the guide 

 Copy credentials to 

 

 oauthAdfsServer 

 oauthAdfsClient 

 

 Enable 

 

 oauthAdfsAllow 

 

 Callback URL 

 

 https://sample.tsnocode.com/app/SignInADFS 

 

 WordPress 

 

 Install and activate the  plugin 

 Enable the Oauth-server (Oath Server -> Settings -> Enable Oauth Server) 

 Create a new client (Oauth Server -> Clients -> Add New Client)

 

 Give it a descriptive name 

 Add the Redirect URI (Should be something like:  https://[ts-hostname]/[ts-instance]/SignInWP ) 

 Assign it admin rights 

 Save it 

 

 

 Copy credentials to Configurations

 

 oauthWPClient 

 oauthWPSecret 

 

 

 Input wordpress domain/link to Configuration (no trailing /)

 

 oauthWPHost 

 

 

 Enable Configuration

 

 oauthWPAllow