Configuring Web Verifier Client for OAuth2 Authentication - Brainware Intelligent Capture - Foundation 23.1 - Foundation 23.1 - Brainware - external

Brainware Intelligent Capture Installation

Platform
Brainware
Product
Brainware Intelligent Capture
Release
Foundation 23.1
License

To configure Brainware for OAuth2.0, find the OAuth2Settings and secureSettings sections in web.config and update the following values.

Settings Description
OAuth2ClientId* The client ID provided by your IdP provider.
OAuth2ClientSecret When using client secret, enter the client secret provided your IdP provider; otherwise, leave blank.
OAuth2Enabled* Enter True to enable OAuth2 authentication
OAuth2DiscoveryUrl* The discovery endpoint of your authorization provider.
OAuth2RequireHttps Enter True to indicate that you require OAuth2 connections to use https. This is recommended for production environments.
OAuth2RedirectUrl* The URL of the hosted Web Verifier login page.
OAuth2Scope Set to ‘offline_access’ to enable refresh tokens; otherwise leave blank.
OAuth2ValidateLifetime Enter True to indicate that the Web Verifier will validate the lifetime of the returned access token. When the token expires, the user will be logged out. If using refresh tokens Web Verifier will attempt to refresh the users token before logging them out.Enter False to indicate that the token lifetime will be ignored.
OAuth2ClockSkew Enter the duration in minutes, a user session is still valid after the token expires.This can be used to account for clock differences between the Web Verifier server and the IdP server.
OAuth2PKCEMehtod Set to S256 to enable PKCE; leave blank to disable PKCE.
OAuth2ValidateSignature Set to True to validate the token signature; recommended for production environments.

* Indicates mandatory fields