Below are the instructions for connecting an SSO authentication service to the Chemwatch mobile application: Your IDP service must support the OAuth 2.0 protocol for authentication and authorization.
For integration with your service, we need the following information:
clientId (client credentials).
clientSecret (client credentials).
authorizeUrl.
accessTokenUrl.
userInfoUrl.
Add our redirect URL: net.chemwatch.walkabout://oauth2redirect.
You can also specify the scope that should be available for getting information about the user and select the exact field representing the username.
Please provide us with a temporary SSO username and password to check it out.
Specific to MS Azure
When registering the Smarter Suite app in Azure, the optional redirect field must be selected as a public client/native(mobile & desktop) app for mobile apps. Mobile apps have a different redirect URL structure and always start with customScheme.://. It needs to be exactly net.chemwatch.walkabout://oauth2redirect Otherwise, the mobile app won't work with your AzureAD setup. Please see the below image for your reference.
If didn’t specify the redirect URL when registering the app, please add the net.chemwatch.walkabout://oauth2redirect URL to the AzureAD console as an allowed redirect, or else our app will fail the AzureAD security check on login. This can be done in the "Authentication" section which should be second from the top under “Manage” in the left pane.
In the API permissions, you need to add "email" for Microsoft Graph because we use the user's email address for authentication purposes.
Please take a look at the screenshot below. We marked several zones with numbers so you can understand where to get the relevant data.
authorization URL — number 1
accessToken URL — number 2
userInfo URL — number 3
Specific to Google Workspace (TBD)
Specific to Okta (TBD)