All eazyBI for Jira eazyBI for Confluence Private eazyBI

OAuth2 user authentication
Private eazyBI

You can enable Private eazyBI user authentication using an external OAuth 2.0 authentication provider. Currently, Private eazyBI by default supports OAuth2 user authentication with Google and Salesforce but it is possible to add additional custom OAuth2 authentication providers.

Authentication with Google

  • Create a project (or use existing project) at https://console.developers.google.com.
  • In Credentials section create a new Client ID for web application and in Authorized Redirect URI enter BASE_URL/eazybi/users/auth/google/callback (substitute BASE_URL with http://localhost:8080 in development or with the corresponding URL in production).
  • In eazybi.toml specify Client ID and Client secret that were created by Google:
[authentication.google]
omniauth = "oauth2"
client_id = "..."
client_secret = "..."

Restart the application after adding the authentication information in eazybi.toml. After that in the Sign-up and Log-in pages, you should see an option to authenticate with Google.

Authentication with Salesforce

See the Salesforce OAuth 2.0 tutorial page for more details on Salesforce and OAuth2 integration.

  • From Salesforce Administer / Manage Apps / Connected Apps create a new connected application.
  • Enable OAuth Settings and specify Callback URL BASE_URL/eazybi/users/auth/salesforce/callback (substitute BASE_URL with localhost:8080 in development or with the corresponding URL in production).
  • From the scopes select and add Access your basic information.
  • In eazybi.toml specify client_id (Consumer Key) and client_secret (Consumer secret) that were created by Salesforce:
[authentication.salesforce]
omniauth = "oauth2"
client_id = "..."
client_secret = "..."

Restart the application after adding the authentication information in eazybi.toml. After that in the Sign-up and Log-in pages, you should see an option to authenticate with Salesforce.

Authentication with Okta

See the Okta OAuth 2.0 and OpenID Connect Overview for more details on Okta and OAuth2 integration.

  • From the Okta admin dashboard go to Applications and create a new app with a "Platform" → Web and "Sign on method" → OpenID Connect.
  • Then open your new app and click Edit in General settings and fill the following fields:
    • "Allowed grant types" - check "Refresh Token".
    •  "Login redirect URIs" - add the callback URL, use your host and prefix https://example-private.com/eazybi/users/auth/okta/callback
    • "Logout redirect URIs" - add the URL after redirect, usually the root of your app https://example-private.com
    • Click save

  • In eazybi.toml add a new authentication:

    [authentication.okta]
omniauth = "oauth2"
site = "https://dev-123456.okta.com"
authorize_url = "/oauth2/default/v1/authorize"
token_url = "/oauth2/default/v1/token"
client_id = "..."
client_secret = "..."
  • Update the site to your Okta domain, then copy the client_id and client_secret from the Okta application page. 
  • Modify the authorize and token values if you are not using the default authorization server.
  • Restart the application after finishing changes in eazybi.toml. After that in the Sign-up and Log-in pages, you should see an option to authenticate with Okta.

  • You can also add the Okta logo. To do so you need to create directory public/images/authentication and put the okta.png and then add a line in the existing configuration:

    [authentication.okta]
...
image = "okta.png"
...
  • Restart the application and you should see the logo.