OpenWater

OAuth, specifically OAuth 2.0 is the industry standard for authentication across multiple platforms. Popular platforms such as Google, Facebook, and LinkedIn support sign in through OAuth. OpenWater supports these three providers out of the box. In addition, many IT departments have implemented OAuth as their protocol of choice for third party systems. We can work with your implementation of OAuth.

OAuth is used by a lot of places and systems, here is a small list of compatible providers:

- GrowthZone
- Member Clicks
- Microsoft 365 / Microsoft Dynamics
- Neon AMS / Neon CRM
- Novi AMS
- Personify
- Wild Apricot
- YourMembership
- CiviCRM (Drupal / WordPress)
- Auth0
- Okta

<a href="https://help.getopenwater.com/en/articles/6473292-getting-started-with-integrations-hub" target="_blank" rel="nofollow noopener noreferrer">Get Started</a> with Integrations Hub ​

Add a new Single Sign On connector for Basic OAuth ​

You will have to give your IT provider a redirect URL, this is the Process Url ​

In return your IT admin should give you the following:

1. Login Url (Auth Url)
2. Client ID
3. Client Secret
4. Token Url Endpoint
5. User Info / Profile Url Endpoint
6. Scope(s) ​

Give the connector name, then paste in the Login Url (Auth Url) into the Login Url. Then click on Credentials and add new credential. Paste in the Client ID, Client Secret, Token Endpoint and User Info Endpoint. Finally click to add a scope. ​

Alternate approach: ​It is also possible to use an admin token link instead of the above password information. If choosing to use the admin token link, ask the client to have a team member who is a salesforce admin login to salesforce and open that link in a new tab. Once they do they'll get a message when they open it that says "done". After the admin activates the link click Publish. ​

Toggle to Field Mapping and click on the No Fields have been provided yet, hyperlink

If all worked well you'll see a message like this ​

Refresh the integrations hub page, and now proceed to map the fields. Click the gray area to configure that field. ​

Click on any of the matched texts to map the field, then press Save ​

Now head back to Settings, and Copy the Begin Url ​

Then head to OpenWater and update the Login Configuration. Set it to Json Web Token and paste in the Begin Url to the Login Url, and enter the shared secret set in step 1. ​

Great,  you can now save this and load up your site in an incognito window, then test out your login.

1. <a href="https://help.getopenwater.com/en/articles/6473292-getting-started-with-integrations-hub" target="_blank" rel="nofollow noopener noreferrer">Get Started</a> with Integrations Hub ​ 
2. Add a new Single Sign On connector for Basic OAuth ​
 
 
3. You will have to give your IT provider a redirect URL, this is the Process Url ​
 
 
4. In return your IT admin should give you the following:
 1. Login Url (Auth Url)
 2. Client ID
 3. Client Secret
 4. Token Url Endpoint
 5. User Info / Profile Url Endpoint
 6. Scope(s) ​
5. Give the connector name, then paste in the Login Url (Auth Url) into the Login Url. Then click on Credentials and add new credential. Paste in the Client ID, Client Secret, Token Endpoint and User Info Endpoint. Finally click to add a scope. ​
 
 Alternate approach: ​It is also possible to use an admin token link instead of the above password information. If choosing to use the admin token link, ask the client to have a team member who is a salesforce admin login to salesforce and open that link in a new tab. Once they do they'll get a message when they open it that says "done". After the admin activates the link click Publish. ​
6. Press Save ​
7. Toggle to Field Mapping and click on the No Fields have been provided yet, hyperlink

8. If all worked well you'll see a message like this ​

9. Refresh the integrations hub page, and now proceed to map the fields. Click the gray area to configure that field. ​
 
 ​
10. Click on any of the matched texts to map the field, then press Save ​
 
 ​
11. Press Save ​
12. Press Publish
 
13. Now head back to Settings, and Copy the Begin Url ​

14. Then head to OpenWater and update the Login Configuration. Set it to Json Web Token and paste in the Begin Url to the Login Url, and enter the shared secret set in step 1. ​
 
 
15. Great, you can now save this and load up your site in an incognito window, then test out your login.

Use the Integrations Hub module to connect a single sign on to any generic identity provider that supports OAuth (ex. Okta, Auth0, Wordpress)