How to Log in to Omnitron Using OAuth2 (SSO)?

This guide provides a step-by-step tutorial on logging into Omnitron using OAuth2 as a Single Sign-On (SSO) method. Omnitron supports OAuth2 authentication only from the following providers:

• Google (provider: google)

• GitHub (provider: github)

• Turkcell (provider: turkcell)

• Azure (provider: azure)

OAuth2 allows users to authenticate with Omnitron using their credentials from the supported providers. This eliminates the need for separate login details for Omnitron and streamlines the authentication process.

Step 1: Configure OAuth2 Provider Settings​

Before integrating OAuth2 with Omnitron, you must configure the necessary settings on the provider’s platform. Each provider has specific documentation on setting up OAuth2 authentication. The following credentials are typically required:

• Client ID: Unique identifier for your application.

• Client Secret: A secret key used for authentication.

• Authorization URL: URL to initiate the OAuth2 login flow. Format: [auth url]?response_type=code&scope=[scope]

• Token URL: URL to obtain access tokens.

• User Info URL: URL to fetch user details.

• Redirect URLs: This should be set to {omnitron_url}/api/v1/oauth/{provider_slug}/authenticate/

Refer to the respective provider’s documentation to retrieve these values except for the Redirect URL.

Step 2: Configure OAuth2 in Omnitron​

Once you have obtained the required credentials from the OAuth2 provider, you must configure them in Omnitron.

Navigate to SSO Settings​

1. Log in to Omnitron.

2. Click on the Settings tab.

3. Select SSO Settings.

Add a New SSO Provider​

1. Click the + Add New SSO Provider button at the top right corner.
2. Fill in the required parameters in the form:

   • Select Provider Type: Select “Other” option.

   • Name: Enter a meaningful name for the provider.

   • Slug: Define a unique slug for the provider.

   • Provider: Enter the provider type. It should be one of the following options:

     1. azure

     2. github

     3. google

     4. turkcell

   • Client ID: Paste the Client ID obtained from the provider.

   • Client Secret: Paste the Client Secret obtained from the provider.

   • Authorization URL: Enter the provider’s authorization URL. Format: [auth url]?response_type=code&scope=[scope].

   • Token URL: Enter the provider’s token URL.

   • User Info URL: Enter the provider’s user info URL.

   • Redirect URLs: Enter the redirect URL in the format: {omnitron_url}/api/v1/oauth/{provider_slug}/authenticate/

   • Choose File: Drag and drop the login icon or click to upload. The image size must be 128x128 PNG.

   • Status: Enable or disable the provider.
3. Click Save to finalize the configuration.

Example OAuth2 Provider JSON Configuration​

{
     "name": "Google",
     "slug": "google",
     "provider": "google",
     "client_id": "[masked].apps.googleusercontent.com",
     "client_secret": "[masked]", # obtained from the provider
     "authorization_url": "[auth url]?response_type=code&scope=[scope]",
     "token_url": "https://oauth2.googleapis.com/token",
     "userinfo_url": "userinfo_url",
     "redirect_url": "[omnitron_url]/api/v1/google/authenticate/"
}

For Google;

google auth url = https://accounts.google.com/o/oauth2/v2/auth
google scope = https://www.googleapis.com/auth/userinfo.email
google user info url = https://www.googleapis.com/oauth2/v2/userinfo?alt=json