My webMethods Server 10.7 | My webMethods Server Webhelp | Administering My webMethods Server | System Administrator Functions | Managing Security | About My webMethods Server Security | Server Authentication | OAuth 2.0 Authentication
 
OAuth 2.0 Authentication
You can configure an OAuth 2.0 authentication flow in My webMethods Server, and log in to My webMethods with credentials from an external identity provider, such as Google, Twitter, or Salesforce. In this authentication flow, My webMethods Server uses the OAuth 2.0 protocol with the OpenID Connect identity layer as an authentication and authorization method.
When logging in using the OAuth 2.0 authentication flow, My webMethods Server redirects you to the authorization endpoint of the external identity provider, for example the Google Authorization Server, where you supply your credentials. After authentication, the identity provider redirects you back to a My webMethods Server endpoint. My webMethods Server acquires ID and Access tokens from the provider, validates the ID token, and requests a list of UserInfo claims. Based on the claims returned by the provider, My webMethods Server registers an internal user account and associates the account with a login session.
To configure OAuth 2.0 and OpenID Connect authentication flow in My webMethods Server, see Configuring OAuth 2.0 Authentication.