

Configure the Custom OAuth Authentication Scheme

Follow these steps:

  1. In the CSP console, click Infrastructure, Authentication.
  2. Click Authentication Schemes.

    The Authentication Schemes page appears.

  3. Click Create Authentication Scheme.

    Verify that Create a new object of type Authentication Scheme is selected.

  4. Click OK.

    The Create Authentication Scheme page appears.

    Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

  5. Enter a name and protection level. Do not use spaces in the name.

    Examples:

  6. Select Custom Template from the Authentication Scheme Type pull-down menu.
  7. Configure the scheme-specific settings:
    Library

    smjavaapi

    Secret/Confirm Secret

    If your system is behind a proxy server, enter the proxy server password. The associated user name must be provided in the oauth.properties file. The system uses these credentials to access external sites and gain access to the token and user information.

    Parameter

    Specify the OAuth authentication scheme implementation class name, the authentication scheme name, and the path to the OAuth properties file. The syntax is:

    com.ca.sm.oauth.SmAuthOAuth <auth_scheme_name> <oauth.properties_file_path>

    Examples:

    com.ca.sm.oauth.SmAuthOAuth oauth_google_scheme opt/ca/siteminder/config/properties/oauth-google-tenant1.properties

    com.ca.sm.oauth.SmAuthOAuth oauth_google_scheme ca/siteminder/config/properties/oauth-facebook-tenant2.properties

    Note: Spaces separate the authentication scheme name and properties file path.

  8. (Optional) Select the Persist Authentication Session Variables check box to persist authentication scheme claims in the session store.

    For persistent variables, the realm that uses this authentication scheme must support persistent sessions and the Policy Server must be configured with a session store.

  9. Save the authentication scheme.
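
A check to run on the Parameter value from step 7 before saving, written as an added example (it is not part of the product or of the original documentation). It confirms that the value splits into exactly three space-separated fields and, optionally, that the properties file exists and is closed to 'other' users. The function names and the file-permission rule are assumptions made for this example.

```python
import os
import stat

# Class name taken from the syntax line in step 7.
EXPECTED_CLASS = "com.ca.sm.oauth.SmAuthOAuth"


def check_properties_file(path):
    """Check the properties file on disk; return a list of problems."""
    try:
        st = os.stat(path)
    except OSError as exc:
        return ["properties file not accessible: %s" % exc.strerror]
    problems = []
    if not stat.S_ISREG(st.st_mode):
        problems.append("properties path is not a regular file")
    # Assumption (local hardening choice): no access for 'other' users,
    # because the file carries the proxy user name.
    if st.st_mode & stat.S_IRWXO:
        problems.append("properties file is accessible to 'other' users")
    return problems


def check_parameter(value, check_file=True):
    """Validate a Parameter field value; an empty list means no problems."""
    problems = []
    if "\n" in value or "\r" in value:
        problems.append("value contains a line break (wrapped copy and paste?)")
    fields = value.split()
    if len(fields) != 3:
        # A space in the scheme name or a wrapped path changes the field count.
        problems.append("expected 3 space-separated fields, found %d" % len(fields))
        return problems
    class_name, _scheme_name, path = fields
    if class_name != EXPECTED_CLASS:
        problems.append("unexpected implementation class: %s" % class_name)
    if check_file:
        problems.extend(check_properties_file(path))
    return problems


if __name__ == "__main__":
    # Constructed sample: a value pasted with the path wrapped onto a second line.
    sample = ("com.ca.sm.oauth.SmAuthOAuth oauth_google_scheme opt/ca/\n"
              "siteminder/config/properties/oauth-google-tenant1.properties")
    for problem in check_parameter(sample, check_file=False):
        print("PROBLEM:", problem)
```

Run it on the Policy Server host with `check_file=True` so the path is resolved as the server would see it.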