Configuring OAuth external authentication
The OAuth (Open Authorization) specification defines a delegation protocol that is useful for conveying authorization decisions across a network of web-enabled applications and APIs. OAuth is used in a wide variety of applications, including providing mechanisms for user authentication.
In this mode, the system default login page is disabled and not presented. It must be replaced by an external authentication login system. Work with your System Administrator to configure the external authentication.
You can always login using the administrator rescue login URL: http://<host>:<port>/MM/Auth?nativeLogin, where <port> is the HTTP port that Talend Data Catalog responds to.
Here is an example of the OAuth authentication workflow:
- You try to login to Talend Data Catalog using a browser.
- Talend Data Catalog redirects the client to the authorization server for authentication.
- You log in to the authorization server and approve the access request. The authorization server sends an authorization code.
- The client exchanges the authorization code for an access token.
- If the code is valid, the client gets an access token to request a protected resource.
- Talend Data Catalog receives a request for a protected resource with an access token and verifies the validity of the token directly with the authorization server.
- If the token is valid, the authorization server sends your data to Talend Data Catalog.
- Talend Data Catalog logs you in to the system and grants you the protected resources.