Creating an OAuth 2.0 Client

To set up an OAuth 2.0 provider in the Web Client, you need the following parameters from the provider:

Parameter Description
Client ID

When registering Web Client with an OAuth provider, a unique public identifier is provided to build login URLs.

Client Secret

A unique secret string that is only known to the Web Client and the authorization server.

Authorization Endpoint

This endpoint is where the user is directed to get authenticated and to give permission to the Web Client with the necessary information.

Web Client will then obtain an Authorization code, which the authorization server uses to search the permission / consent given by the user.

Token Endpoint

Using this endpoint, the Web Client will obtain an access token which will be then used to retrieve user information.

User Info Endpoint

This endpoint will be used to retrieve consented information about the user logging in. The information received here will be used to do the mapping between the Web Client account.

Scopes

The mechanism is used to limit the access that Web Client is granted about the user's account. The requested scopes will be presented to the user to give consent to the application. The available scopes depend on each provider and can differ for each of them.

Discovery Endpoint

(Optional) The endpoint is useful to retrieve the metadata related to the OAuth provider. This can simplify finding the necessary information to configure the provider inside of Web Client.

This endpoint is available via /.well-known/openid-configuration

Follow the steps on the provider's website in order to register Web Client with the OAuth provider.

Note

When registering Web Client with an OAuth provider, make sure to keep in hand the Redirect URLs indicated in the Authentication page.
The two URLs (Web Client and Excel Add-in) need to be specified in the provider configuration.