Below are the instructions for connecting an SSO authentication service to the Chemwatch mobile application: Your IDP service must support the OAuth 2.0 protocol for authentication and authorization.
For integration with your service, we need the following information:
clientId (client credentials).
clientSecret (client credentials).
authorizeUrl.
accessTokenUrl.
userInfoUrl.
Add our redirect URL: net.chemwatch.walkabout://oauth2redirect.
You can also specify the scope that should be available for getting information about the user and select the exact field representing the username.
Provide us with a temporary SSO username and password to check it out.
Specific to MS Azure
Please take a look at the screenshot. We marked several zones with numbers so you can understand where to get the relevant data.
authorization URL — number 1
accessToken URL — number 2
userInfo URL — number 3
Please add this URL to the AzureAD console as an allowed redirect, or else our app will fail the AzureAD security check on login. This can be done in the "Authentication" section which should be second in the "Manage" group.
In the API permissions, you need to add "email" for Microsoft Graph because we are using the user's email address for authentication purposes.
Specific to Google Workspace (TBD)
Specific to Okta (TBD)