Articles in this section
Category / Section

What are the different request object properties of Group Imports Setting for each OAuth and OpenID Provider Type

Published:

Group Import

You can configure the OAuth 2.0 and OpenID settings using the REST API. While configuring OAuth 2.0 and OpenID settings, you can also configure the group import settings to import the OAuth and OpenID groups. Please refer to this document to learn more about how to configure OAuth 2.0 or OpenID settings using the REST API.

The group import has two properties:

  1. ProviderType – This property specifies the provider type used to import the groups. The possible values for this property are:
    CognitoAWS, Auth0, Okta, and OneLogin

  2. Setting – The properties of this object will vary depending on the type of provider mentioned above. Please refer to the following information to learn the specific setting properties for each provider type.

Cognito AWS

Configure the provider type as CognitoAWS and the Setting object with the following properties to import groups from Cognito AWS. This provider type is applicable only for OAuth.

UserPoolId The User Pool ID is a unique identifier for the user pool you created in Amazon Cognito. You can use this User Pool ID to authenticate users in your app.
AWSAccessKeyId Specifies an AWS access key associated with an IAM user or role.
AWSAccessKeySecret AWS secret key is like private key or password.
Region In AWS Cognito, "Region" sets the deployment geography for data compliance and optimized performance. For group import in OAuth providers, it ensures efficient and compliant management within a specific geographic area.

The final Group Import Object for AWS Cognito will appear as follows.

{
  "ProviderType": "CognitoAWS",
  "Setting": {
    "UserPoolId": "us-east-2_BNvufwedvc",
    "AwsAccessKeyId": "AKIAZGJY3P2I7464523OP",
    "AwsAccessKeySecret": "phdXyrYJdsWvhqp+idp7QsTlwerwetwwbol45o",
    "Region": "usi-north"
  }
}

Auth0

Configure the provider type as Auth0 and the Setting object with the following properties to import groups from Auth0. This provider type is applicable for both OAuth and OpenID.

Audience The audience (presented as the aud claim in the access token) specifies and defines the intended consumer of the token.
ExtensionURl Extension URL of Auth0 to import groups.

The final Group Import Object for Auth0 will appear as follows.

{
  "ProviderType": "Okta",
  "Setting": {
    "ApiToken": "00YIf3KCR35F79IxEDpKasdfZgzLoCvKwIO2swe7"
  }
}

Okta

Configure the provider type as Okta and the Setting object with the following properties to import groups from Okta. This provider type is applicable for OAuth and OpenID.

APIToken The API token you generated in your Okta app allows you to authenticate requests to the Okta API.

The final Group Import Object for Okta will look as follows.

{
  "ProviderType": "Okta",
  "Setting": {
    "ApiToken": "00YIf3KCR35F79IxEDpKasdfZgzLoCvKwIO2swe7"
  }
}

OneLogin

Configure the provider type as OneLogin and the Setting object with the following properties in order to import groups from OneLogin. This provider type is applicable for both OAuth and OpenID.

APIClientID Specifies the OneLogin Client ID is needed for Token Endpoint Authentication.
APIClientSecret Specified OneLogin Client Secret is needed for Token Endpoint Authentication.
Region Regions, which allows administrators to specify the geographic regions where users can log in from.

The final Group Import Object for OneLogin will appear as follows.

{
  "ProviderType": "OneLogin",
  "Setting": {
    "ApiClientId": "6342c4d9381b44sdfas165fcb274e9d6748dsfadfba63acfb22b43d9ff81",
    "ApiClientSecret": "f73csdfa67adfgsdfertrhbfgj23e0fa8b2c5c150883511c422813e",
    "Region": "us"
  }
}
Was this article useful?
Like
Dislike
Help us improve this page
Please provide feedback or comments
NG
Written by Nisanth Gunasekaran
Updated
Comments (0)
Please  to leave a comment
Access denied
Access denied