You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.

Create an OAuth application

If your organization uses applications that use the OAuth protocol, you can add those applications to your environment so that EmpowerID can manage access to them.

Procedure

  1. On the navbar, expand Apps and Authentication and click Applications.

  2. On the Applications page, click the Create Application action link.

  3. In the General tab of the Application Details page, enter the following information:

    • Name – Name of the application

    • Display Name – Display name for the application

    • Description – Characterization of the application

    • Instructions (optional) – Any relevant instructions for use of the application

    • Create a Tracking Only Account Store – Select this option to create an account store for the application. If selected, application accounts are added to the account store.

    • Select Existing Account Store (Directory) – If an account store exists for the application, search for and select that account store. This field does not appear if Create a Tracking Only Account Store is selected.

    • Creation Location – Click the Select a Location link and then select and save the desired creation location for the application.

    • Make Me the Owner – This option is selected by default. Clear the option if you will not be the owner.

    • Icon (optional) – Path to the graphical representation of the application. By default, this is set to a generic image in the EmpowerID system.

    • Publish in IAM Shop – Select this option to allow eligible users to request access to the application in the IAM Shop.

    • App Authorization Model – Set by default to Not PBAC and not Azure; leave this setting at the default selection for OAuth apps.

    • PBAC Rights Model Enabled – Applicable for PBAC applications only.

    • Allow Role Definition Assignment – Select this option to allow role definitions to be added to the application.

    • Allow Local Right Assignment – Select this option to allow local rights to be added to the application.

    • Allow App Management Role Assignment – Select this option to allow App Management Roles to be added to the application.

  4. Click the Single Sign-On tab and do the following:

    1. Single Sign-On Connection Type – Select OAuth / OpenID Connect.

    2. OAuth Client Application – Search for and select the appropriate OAuth Provider application.

    3. Click Add to Cart.

  5. Click the Cart icon at the top of the page to open the cart.

  6. Optionally, add justification for the item being submitted and then click Submit.