What is OAuth? It is a utility that authorizes third-party applications to interact with the Liferay platform. The OAuth example from our official documentation is worth repeating here: users can make Twitter or Facebook available on Liferay Portal or DXP. Instead of asking users to enter their credentials again in Liferay, OAuth performs a handshake and the Liferay platform redirects users to the service provider. The service provider then grants Liferay limited access.
Liferay Digital Experience Platform 7.1 is integrated with the OAuth 2.0 Authorization Framework. OAuth 2.0 is included by default in Liferay DXP 7.1.
- Resource Owner
An entity capable of granting access to a protected resource. Section 1.1 Terminology.
Example: Jane has uploaded her vacation photos on a web-based site like Flickr; she is the resource owner.
- Client Credentials
The client credentials (or other forms of client authentication) can be used as an authorization grant when the authorization scope is limited to the protected resources under the control of the client, or to protected resources previously arranged with the authorization server. Section 1.3.4 Client Credentials.
- Access Token
...credentials used to access protected resources. An access token is a string representing an authorization issued to the client. The string is usually opaque to the client. Tokens represent specific scopes and durations of access, granted by the resource owner, and enforced by the resource server and authorization server. Section 1.4 Access Token.
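The client credentials grant and the access token properties quoted above (scope and duration), shown as an added example that is not taken from Liferay's documentation or code. The host, client id, client secret and scope names are constructed placeholders, and `/o/oauth2/token` is assumed to be the portal's token endpoint path; the request is built but never sent.

```python
import base64
import json
import time
from urllib.parse import quote_plus, urlencode
from urllib.request import Request

# Assumptions: placeholder host; /o/oauth2/token assumed as the token endpoint path.
TOKEN_URL = "https://liferay.example.com/o/oauth2/token"
# Constructed sample response body, not captured from a real server.
SAMPLE_RESPONSE = '{"access_token": "constructed-opaque-token", "token_type": "Bearer", "expires_in": 600}'

def build_token_request(client_id, client_secret, scope=()):
    """Build (without sending) a client_credentials request, RFC 6749 section 4.4.2."""
    form = {"grant_type": "client_credentials"}
    if scope:
        form["scope"] = " ".join(scope)  # ask only for what the client needs
    # Section 2.3.1: id and secret are form-encoded, then sent as HTTP Basic.
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    headers = {
        "Authorization": "Basic " + base64.b64encode(pair.encode()).decode(),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    return Request(TOKEN_URL, data=urlencode(form).encode(), headers=headers, method="POST")

def parse_token_response(body, requested_scope, now=None):
    """Validate a token response (sections 5.1 and 5.2) and return the usable token."""
    now = time.time() if now is None else now
    doc = json.loads(body)
    if "error" in doc:
        raise PermissionError(f"token request refused: {doc['error']}")
    token = doc.get("access_token")
    if not isinstance(token, str) or not token:
        raise ValueError("response carries no access_token")
    if str(doc.get("token_type", "")).lower() != "bearer":
        raise ValueError("unexpected token_type")
    expires_in = doc.get("expires_in")
    # Policy of this example: refuse tokens whose lifetime is not stated.
    if type(expires_in) is not int or expires_in <= 0:
        raise ValueError("token lifetime missing or invalid")
    # Section 3.3: an omitted scope means the granted scope equals the requested one.
    granted = set(doc["scope"].split()) if "scope" in doc else set(requested_scope)
    missing = set(requested_scope) - granted
    if missing:
        raise PermissionError(f"scope not granted: {sorted(missing)}")
    return {"access_token": token, "expires_at": now + expires_in, "scope": sorted(granted)}
```

The client treats the token as an opaque string and stores only its expiry and granted scope; enforcement stays with the resource server and authorization server, as the definition above states.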
How can I implement OAuth in Liferay?
OAuth 2.0 comes bundled with Liferay DXP 7.1. Note: Unlike DXP 7.0, there is no downloadable app from Marketplace for this version.
How do I manage my OAuth connections?
Third-party apps connected to Liferay DXP 7.1 are listed in the OAuth2 Connected Applications tab in the Control Panel. To access this, navigate to Control Panel → My Account → OAuth2 Connected Applications. All users, regardless of role, can view this tab. However, only administrators can add new apps.
To add a new app, navigate to Control Panel → Configuration → OAuth2 Administration.
After entering the name and URLs, click Save. It should look like this:
Please note that this is just an example. More detailed information about the different available features and functions can be found in our official documentation. Once the application has been created, it needs to be added to System Settings → Security → Authorize Screens if the OAuth app sits on a web page, so that users can start using Liferay DXP to authenticate against third-party apps.