Issue with setting up integration of DocuSign with ServiceNow using Spoke of Integration Hub - rest

I am in the process of evaluating the capabilities of DocuSign by integrating it with ServiceNow. If that works out well, we are going to take the licensing part forward for signup.
Link to ServiceNow Docs for using DocuSign Spoke of Integration Hub
DocuSign: https://developers.docusign.com/esign-rest-api/guides/building-integration
The issue here is: the steps are given in the DocuSign documents, and the relevant option isn’t present in the DocuSign Sandboxed instance. Basically I am not able to get the Client ID and Client Secret.
I am not really sure of the significance of giving the Sandboxed instance if we can't do any integration.
Steps from DocuSign
Snip from DocuSign Sandbox instance
Please provide any points on this integration and way forward to get it done.
Thanks.

You can do full dev integration with the Sandbox instance. First you need to know the Authentication Type to be used by your integration, which you can read about here. Once you know which Auth type to use, you can either follow Auth Code Grant, which will help you in creating the IntegratorKey (aka ClientId), SecretKey and Redirect URI. But if you want to do JWT, then you need to follow JWT Auth, which will guide you in creating an RSA Key Pair and Redirect URI.
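To illustrate the JWT route mentioned in this answer, here is an added example (not DocuSign's or the answerer's code) in which the RSA key pair stands in for a client secret: the integration signs a short-lived assertion and the authorization server checks it with the registered public key. The identifiers are placeholders, the key pair is generated on the spot, and the `aud` host and `scope` string are assumptions to confirm against DocuSign's JWT Auth guide.

```javascript
const nodeCrypto = require('crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');

// Build the signed assertion that replaces a client secret in a JWT-bearer grant.
// Claim names/values are assumptions to confirm against DocuSign's JWT Auth guide.
function buildAssertion({ integrationKey, userId, audience, privateKey, now, ttl = 3600 }) {
  const header = { alg: 'RS256', typ: 'JWT' };
  const claims = {
    iss: integrationKey, // Integrator Key (Client ID)
    sub: userId,         // user the integration acts for
    aud: audience,       // assumed sandbox auth host
    iat: now,
    exp: now + ttl,
    scope: 'signature impersonation',
  };
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const sig = nodeCrypto.sign('RSA-SHA256', Buffer.from(input), privateKey);
  return `${input}.${sig.toString('base64url')}`;
}

// The check an authorization server can run with only the registered public key.
function verifyAssertion(jwt, publicKey, audience, now) {
  const [h, c, s] = jwt.split('.');
  if (!h || !c || !s) return null;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'));
  if (header.alg !== 'RS256') return null; // pin the algorithm
  const valid = nodeCrypto.verify('RSA-SHA256', Buffer.from(`${h}.${c}`),
    publicKey, Buffer.from(s, 'base64url'));
  if (!valid) return null;
  const claims = JSON.parse(Buffer.from(c, 'base64url').toString('utf8'));
  return claims.aud === audience && claims.exp > now ? claims : null;
}

// Form body for the token request (grant type per RFC 7523).
const tokenRequestBody = (assertion) => new URLSearchParams({
  grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
  assertion,
}).toString();

// Constructed demo values: throwaway key pair, placeholder identifiers.
const demoKeys = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const demoJwt = buildAssertion({
  integrationKey: 'INTEGRATION-KEY-PLACEHOLDER', userId: 'USER-GUID-PLACEHOLDER',
  audience: 'account-d.docusign.com', privateKey: demoKeys.privateKey, now: 1700000000,
});
console.log(verifyAssertion(demoJwt, demoKeys.publicKey, 'account-d.docusign.com', 1700000100));
```

Only the public half of the key pair is registered with the provider; the private key stays with the integration and should be stored like any other credential.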

Related

SSO Integration using Okta

Wanted to use Okta to log in to our application, so we did it using SSO integration. If using Godaddy Cloud, it works great, however if using Google Cloud, we see a white label error page. The Google Cloud is where we actually want to access it. Please provide advice on what to do in this case.
Considering the limited details provided, I presume that Okta is being used for SAML SSO to G-Cloud. If that is the case, then review this reference link: https://saml-doc.okta.com/SAML_Docs/How-to-Configure-SAML-2.0-for-Google-Cloud-Platform.html
Usually, the most common reason for a blank page post-authentication is that the SAML response is not fully consumed by the SP (GCloud in this case).

How to authenticate and authorize a user in username/password and google sign in?

The architecture of the system is like this
User can log into the website using either username-password approach (after registration) or a google-sign-in.
I want to know how can I implement authentication and authorization for this scenario.
Here is what I am thinking of implementing :
Have a REST API server built over NodeJS and Express.
The login and registration processes are handled by this server as well.
The authentication is done by using JWT Tokens stored in the client side. And these tokens are then used again for authorization of endpoints as well.
How secure is this approach? And how can Google sign-in be added to this architecture?
And also, is a separate server for making auth requests needed, as mentioned in OAuth 2.0?
It would be better if the system remains stateless to follow the principles of RESTful APIs.
This post that I have written might give you some insight.
https://dev.to/ralphwjz/login-management-for-spa-and-everyone-else-12o6
The post covers Github login but if you replace GitHub with google, the rest of the flow is exactly the same.
I can answer more questions once in context

How to get Braintree payment client token?

I created a sandbox account and logged in successfully, but I cannot find where the client token is.
Full disclosure, I work at Braintree. If you have any further questions, I recommend contacting support
Braintree is a full-stack payments solution. In order to pass a client token on your client-side, you'll need to first generate a client token on your server, then pass it to your client. As an example, here's how you'd generate one in Ruby:
```ruby
# `gateway` is a configured Braintree::Gateway instance
client_token = gateway.client_token.generate
```
Alternatively, you can use a tokenization key for client authentication. This is a static key with reduced privileges, but still can authenticate your client to work with Braintree's servers. You can find your tokenization key in the Control Panel.
I recommend reviewing the Getting Started documentation, as there is a lot of great information and images to help illustrate getting Braintree integrated. You could also check out some of the end-to-end examples for full context of an example integration.

How to get a JWT from Auth0 hosted login

According to the "tutorial" (the docs themselves say nothing) Auth0 should set a JWT for me on login, but it's not clear what it means by this. How do I get that JWT?
We already have a login flow in place that uses a hosted page that is accessed through a CNAME CNAME.example.com. Following this process:
I go to example.com/login
I am redirected to the CNAME CNAME.example.com/authorize?...
Then again to CNAME.example.com/login
Username and Password are POSTed to CNAME.example.com/usernamepassword/login
This returns a form containing the JWT and automatically POSTs to CNAME.example.com/login/callback
This then redirects back to our main site example.com/langing-page but the JWT is not received here.
Because it's a CNAME, Auth0 would be able to set an HTTP Only, Secure cookie for our domain, that would be enough.
I've only just jumped on this project and understand that if it was built from scratch we could use the API directly to get the JWT but I can't work out how to do it for the existing flow.
I'm sure we're missing something simple, but the documentation is not forthcoming. Do I need to do a login via the API instead?
EDITED: To clarify the login flow exists and works using a hosted page on auth0, I need to get the JWT after the user has logged in.
MORE INFO: We're using the Auth0 WordPress Plugin which correctly logs us in as the right user (as well as helps us create new users) but does not seem to expose the JWT. That page does mention getting JWTs but refers to the deprecated wp-jwt-auth plugin
The links provided are for general information about JWTs; for accomplishing authentication through Auth0 there is better-suited documentation. In particular, you should start with the quickstarts (https://auth0.com/docs/quickstarts) to check if there's any that is directly associated with the application and stack you're building.
In addition to that, you can also check the docs associated more with protocol flows (assuming you want OIDC/OAuth 2.0): https://auth0.com/docs/api-auth/which-oauth-flow-to-use
The above should guide you about which flow to use and then for each you can follow the links to have a better understanding of how the flow can be implemented.
As an additional note the /login endpoint should be treated as an implementation detail; for OIDC/OAuth 2.0 you need to start the request at /authorize.

How do I use SAML for SSO with AD for Google-Hosted Services?

We're a small-ish educational institution whose school email is through Google Apps for Education. We have contracted with an external vendor who is provisioning accounts for Google by getting a list of students from our AD who do not have an email account already provisioned. Once provisioned, the student authenticates to Google services by using their AD account credentials (which is how they access network resources while on campus).
I've been looking into saving a bit of $$ by bringing this process in-house but have been struggling while seeking tangible examples of how to go about doing this. The documentation that I did find has a deprecation warning. Is SAML still how this authentication scheme would be handled? If so, can someone help point me in the correct direction for this?
I've looked through the similar questions and none of them really seem to help.
Python and .NET are accepted solution implementations here.
There are two ways for SSO authentication.
SP-initiated
IDP-initiated
For SP-initiated on google apps you need to:
* Create a certificate and a private key using the openssl toolkit or any other tool.
* Upload this certificate to the Google Apps single sign on settings.
* Give login URL to your application etc.
After saving, the settings on Google are done. Now you need to write code that will accept the request token from Google and, after parsing, send it back to the Google app.
For code on your side you will use openSAML libraries.
You will also need a keystore(*.jks) in order to make SAML response signed.
These links will help you.
SAML token help.
See this answer.
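The "accept request token from Google and parse it" step from this answer, as an added example that is not part of the original answer: it decodes a `SAMLRequest` parameter (HTTP-Redirect binding: raw DEFLATE, then base64) and refuses to continue unless the AssertionConsumerServiceURL is one you expect. The AuthnRequest is constructed, `example.edu` and the ACS URL format are assumptions, and the regex extraction is a simplification; a real IdP would use a SAML library such as the OpenSAML the answer names.

```javascript
const zlib = require('zlib');

// Constructed AuthnRequest (not a capture); example.edu is a placeholder domain.
const SAMPLE_XML =
  '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ' +
  'ID="_constructed123" Version="2.0" IssueInstant="2024-01-01T00:00:00Z" ' +
  'AssertionConsumerServiceURL="https://www.google.com/a/example.edu/acs">' +
  '<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">' +
  'google.com/a/example.edu</saml:Issuer></samlp:AuthnRequest>';

// Encoding used by the HTTP-Redirect binding, here only to build the sample input.
const encodeRedirect = (xml) => zlib.deflateRawSync(Buffer.from(xml)).toString('base64');

// Decode the (already URL-decoded) SAMLRequest value and validate where the
// signed response would be sent before any assertion is issued.
function parseAuthnRequest(samlRequestParam, allowedAcs) {
  let xml;
  try {
    // maxOutputLength caps decompression so an oversized payload is rejected.
    xml = zlib.inflateRawSync(Buffer.from(samlRequestParam, 'base64'),
      { maxOutputLength: 64 * 1024 }).toString('utf8');
  } catch {
    return { ok: false, reason: 'not a deflated SAMLRequest' };
  }
  const attr = (name) => (xml.match(new RegExp(`\\s${name}="([^"]*)"`)) || [])[1];
  const issuer = (xml.match(/<(?:\w+:)?Issuer[^>]*>([^<]*)</) || [])[1];
  const req = { id: attr('ID'), acs: attr('AssertionConsumerServiceURL'), issuer };
  if (!req.id || !req.acs) return { ok: false, reason: 'missing ID or ACS URL' };
  // Never post a signed assertion to an ACS URL taken on trust from the request.
  if (!allowedAcs.includes(req.acs)) return { ok: false, reason: 'ACS URL not allowlisted' };
  return { ok: true, ...req }; // req.id becomes InResponseTo in the SAML response
}

const ALLOWED = ['https://www.google.com/a/example.edu/acs'];
console.log(parseAuthnRequest(encodeRedirect(SAMPLE_XML), ALLOWED));
```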