Hi Amarendra
Thanks for the interest in MVIS . Let me explain how MVIS OAuth works in the use case of yours which according to me is client credential flow.
a) Client application would generate token using Okta by providing client id and secret
b) Client would provide this token as http header to MVIS
c) MVIS would decode this token and based on the information namely roles would allow access to the endpoints
This token can be protected from tampering by using private public key infrastructure . Normally authentication providers like Okta would encrypt the signature of the token using the private key and receiving end can use the public key to decrypt and validate the token.
This public key certificate should be added into the java keystore (PKCS12) format and provided to MVIS
OAuth Public Keystore Path field provides path to this java key store which has the public key added to it.
Hope this give you the clarity
Let me know if you any more questions
Amey
------------------------------
Amey Rokde
Senior Software Engineer
Rocket Internal - All Brands
pune India
------------------------------
Original Message:
Sent: 07-06-2021 00:27
From: Amarendra Rakesh
Subject: Security with oAuth in MVIS
Hi Amey,
Thanks for sharing the demo video.
I'm quite new to MVIS and I'm trying to enable Okta based authentication (i.e. OAuth2.0) on my MVIS installation. In my authentication process, I want the users to use the pre-shared "client id" and "client secret" details to generate a token, and use these tokens to authenticate to MVIS.
As mentioned in above video, I checked "OAuth Public Keystore Path" field on my MVIS page and I'm unsure, how can it be used with Okta based authentication, as the above field only accepts a file path.
Can you suggest, if there is any other field to handle such scenarios. Also, it would be really helpful if you can create a demo video for Okta based authentication.
Thanks,
Amarendra
------------------------------
Amarendra Rakesh
Business System Manager
SMC Corporation Pty Ltd
Original Message:
Sent: 03-11-2021 13:12
From: Amey Rokde
Subject: Security with oAuth in MVIS
MVIS 1.3 supports oAuth, allowing developers to easily integrate their created APIs with third-party authentication providers such as Auth0 and Okta and provide token-based authorization, ensuring seamless integration with enterprise application security configurations.
This first video provides a detailed overview of the capability and how to use it.
This video is a demo of the application.
I'm happy to answer any questions you have below!
------------------------------
Amey Rokde
Senior Software Engineer
Rocket Software
------------------------------