OAuth2.0 Authentication

Select OAuth 2.0 Authentication and configure a grant type. Access tokens are generated based on the your configured grant type.

Client Credentials

  1. Enter the OAuth 2.0 Token URL.

    For example:

    https://{your SCIM 1.1 Domain}/Services/oauth2/token

  2. Enter the Client ID.

    The client ID is issued to the source during the registration process for OAuth 2.0 on the SCIM server.

  3. Enter the Client Secret.

  4. Add the Key and Value pairs for the additional OAuth Request Parameters

  5. You can set the attributes that you want to exclude from the request in the Attributes Exclude Request field.

  6. Select Save.

JWT

  1. Enter the OAuth 2.0 Token URL.

    For example:

    https://{your SCIM 1.1 Domain}/Services/oauth2/token

  2. Enter the Client ID for JWT.

  3. Enter the corresponding Client Secret.

  4. Enter the Private Key and the corresponding Private Key Password used to sign the JWT.

  5. The JWT Header contains the algorithm used for signing the JWT assertion. It must be the same algorithm used for generating the private key. The format of the JWT header is as follows:

    Key = alg

    If required, the additional header attributes can be provided in this key-value pair. Enter value of the JWT headers key.

    For example:

    Value=RS256

  6. The JWT Payload is the key to have information on the JWT Claim. For JWT, it is mandatory to have the payload key for a successful Test Connection and other operations. The mandatory attributes are:

    • aud – Audience

    • exp – Expiry of the JWT assertion

    • iss – Issuer

    • sub – Subject

    If required, additional payload attributes can be provided in this key-value pair based on the target system.

  7. Add the Key and Value pairs for the additional OAuth Request Parameters.

  8. (Optional) Set the attributes that you want to exclude from the request in the Attributes Exclude Request field.

  9. Select Save.

Refresh Token

  1. Enter the OAuth 2.0 Token URL.

    For example:

    https://{your SCIM 1.1 Domain}/Services/oauth2/token

  2. Enter the Client ID for Refresh Token.

  3. Enter the corresponding Client Secret.

  4. Enter the Refresh Token.

  5. Select Save.

  6. Add the Key and Value pairs for the additional OAuth Request Parameters.

  7. (Optional) Set the attributes that you want to exclude from the request in the Attributes Exclude Request field.

  8. Select Save.