6 OpenID Connect OAuth2
Birgit Becker edited this page 2022-11-24 15:32:25 +01:00

EGroupware 19.1+ comes with an OpenID Connect / OAuth2 server integrated

This page describes how to authenticate and (optionally) integrate other applications using it.

Supported endpoints

Replace example.org with the full qualified domain-name your EGroupware server uses.

Supported Grants:

  • Authorization Code: user authorized access and get auth-code, server requests access-token via backchannel
  • Refresh Token: token to refresh access-token after it's expired
  • Client Credentials: server requests access-token without further authorization
  • Implicit: user authorized access and get access-token and auth-code, server requests own access-token via backchannel
  • Password Credential: other server checks username/password of EGroupware user (not recommended any more, as other server gets the password!)

Client configuration in EGroupware

Go to: Admin > Applications > OpenID / OAuth2 server > Clients

Configuration of tested clients

Troubleshooting

  • Enable request log under: Admin > Applications > OpenID / OAuth2 server > Request log

While the log does not record passwords, it contains the issued token and should not left running!