Integrating TIBCO Spotfire OpenID Connect with Auth0 Identity provider
Article ID: KB0076635
Updated On:
| Products | Versions |
|---|---|
| Spotfire Server | 7.8 and higher |
Description
This article provides instructions on how to configure Auth0 Identity provider with TIBCO Spotfire.
Prerequisites:
Prerequisites:
- Create an Account in Auth0 Identity provider (https://auth0.com/)
Issue/Introduction
This article provides instructions on how to configure Auth0 within Spotfire
Resolution
1)Log onto https://auth0.com/ to register a new application by selecting "Applications" section in the left navigation bar.
2) Click on "Create Application" and set the application type to "Regular web app"
3) Take note of its Client ID and Client Secret as you will need these to create the connection in the TIBCO Spotfire configuration tool.
4) Open Spotfire server configurattion tool on spotfire server, navigate to "Configuration" tab, then click "OpenID Connect.Set "Enable custom public address" to "Yes", and enter the "public address URL", of the form http[s]://<spotfire server>[:<port>]/ (Note: You do not need to mention the port address if it is default one i.e., "80")
5) Enable OpenID connect authentication in the TIBCO Spotfire Server configuration. In the "TIBCO Spotfire Server Configuration Tool", "Configuration" tab, select "OpenID Connect" page and set "Enable OpenID Connect" to "Yes", and enter the configured public address URL as the “Return endpoint”.
Return endpoint URL: http[s]://<spotfire server>[:<port>]/spotfire/auth/oidc/authenticate
7) Add a new provider and add Discoverydocument URL : https://spotfire.auth0.com/.well-known/openid-configuration, Client ID and Client Secret generated by Auth0.
Note: It is recommended to use the "Auto-create" option for the post-authentication filter (so that successfully authenticated users are automatically created in the user directory database), as set here:
6) Go back to Auth0 dashboard, add Spotfire's login callback to the list of Allowed Callback URLs: https://spotfiredns/spotfire/auth/oidc/authenticate which is return endpoint url from the TIBCO Spotfire Server configuration tool and save the changes.
7) Go to spotfire, save the TIBCO Spotfire Server configuration to the database and restart the Spotfire Server.
2) Click on "Create Application" and set the application type to "Regular web app"
3) Take note of its Client ID and Client Secret as you will need these to create the connection in the TIBCO Spotfire configuration tool.
4) Open Spotfire server configurattion tool on spotfire server, navigate to "Configuration" tab, then click "OpenID Connect.Set "Enable custom public address" to "Yes", and enter the "public address URL", of the form http[s]://<spotfire server>[:<port>]/ (Note: You do not need to mention the port address if it is default one i.e., "80")
5) Enable OpenID connect authentication in the TIBCO Spotfire Server configuration. In the "TIBCO Spotfire Server Configuration Tool", "Configuration" tab, select "OpenID Connect" page and set "Enable OpenID Connect" to "Yes", and enter the configured public address URL as the “Return endpoint”.
Return endpoint URL: http[s]://<spotfire server>[:<port>]/spotfire/auth/oidc/authenticate
7) Add a new provider and add Discoverydocument URL : https://spotfire.auth0.com/.well-known/openid-configuration, Client ID and Client Secret generated by Auth0.
Note: It is recommended to use the "Auto-create" option for the post-authentication filter (so that successfully authenticated users are automatically created in the user directory database), as set here:
- TIBCO Spotfire Server Configuration Tool > Configuration > Post Authentication Filter > Default filter mode: Auto-create
6) Go back to Auth0 dashboard, add Spotfire's login callback to the list of Allowed Callback URLs: https://spotfiredns/spotfire/auth/oidc/authenticate which is return endpoint url from the TIBCO Spotfire Server configuration tool and save the changes.
7) Go to spotfire, save the TIBCO Spotfire Server configuration to the database and restart the Spotfire Server.
Additional Information
External: Registering an app in Auth0
Doc: Configuring openID connect:
Feedback
Yes
No
Powered by
