Configuring OAuth 2.0 Authentication
With the OAuth 2.0 authentication scheme, users can log in to My webMethods using accounts from Google , Twitter, Salesforce, or another identity provider that supports the OAuth 2.0 and Open ID Connect protocols and exposes a discovery service. You can control what server resources, or layered products the users can access, based on user roles and role attributes. You configure the user roles to accept claims, submitted by the identity provider to determine user membership dynamically at login. You can configure multiple OAuth 2.0 services for different identity providers in My webMethods Server.
Users and Roles for External Accounts
By default,
My webMethods Server creates a new system user for each external account, that logs in using the OAuth 2.0 authentication scheme. These system users are assigned to a default role named OAuthSinkRole. You can create and configure a custom role to use for assigning OAuth 2.0 authenticated users. For more information about
My webMethods Server roles, see
Managing Roles and Access to My webMethods.
Optionally, you can also create a custom service that registers internal users for the external user accounts. For more information, webMethods CAF and My webMethods Server Java API Reference.