Creating an OAuth 2.0 Client

To setup an OAuth 2.0 provider inside Web Client, you need the following parameters from the provider:

Client ID

When registering Web Client with an OAuth provider, an unique public identifier is provided that is used to build login URLs.

Client Secret

An unique secret string that is only known to the Web Client and the authorization server.

Authorization Endpoint

The endpoint is where the user is directed to get authenticated and to give permission to the Web Client with the necessary information.

Web Client will then obtain an Authorization code, which the authorization server uses to search the permission / consent given by the user.

Token Endpoint

Using this endpoint, the Web Client will obtain an Access Token which will be then used to retrieve user information.

User Info Endpoint

This endpoint will be used to retrieve consented information about the user logging in. The information received here will be used to do the mapping between the Web Client account.

Scopes

The mechanism is used to limit the access that Web Client is granted about the user's account. The scopes requested will be presented to the user to give consent to the application. The available scopes depend on each provider and can differ for each of them.

Discovery Endpoint

(optional) The endpoint is useful to retrieve the metadata related to the OAuth provider. This can simplify finding the necessary information to configure the provider inside of Web Client.

This endpoint is available via /.well-known/openid-configuration

Follow the steps on the providers website in order to register Web Client with the OAuth provider.

Note

When registering Web Client with the chosen OAuth provider, be sure to keep in hand the Redirect URLs that are specified in the Authentication page.
The two urls (Web Client and Excel Add In) need to be specified within the provider.