OAuth Configuration

OAuth provides a secure and standardized way to enable third-party applications and services to access Radius on behalf of users.

On this page

On this page

On this page

OAuth Overview

OAuth is a widely-used authorization protocol that allows applications to securely access resources on behalf of a user. In the context of Radius, OAuth enables third-party applications to authenticate users and access their data within Radius while maintaining security and user consent.

Prerequisites

Before you begin configuring OAuth for Radius, ensure you have the following prerequisites in place:

  • A Radius installation with administrative access.

  • Knowledge of OAuth terminology and concepts.

  • Access to the OAuth provider(s) you plan to integrate with Radius.

Setting Up OAuth

To set up OAuth in Radius, follow these general steps:


  1. Log In to Radius

    • Launch the Radius application and log in to your Radius account with administrative privileges.


  2. Navigate to OAuth Configuration

    • Depending on your Radius version and setup, locate the OAuth configuration section in the administrative dashboard.


  3. Enable OAuth

    • Enable the OAuth feature to allow third-party applications to authenticate and access Radius data.


  4. Configure OAuth Settings

    • Specify OAuth settings such as the authorization endpoint, token endpoint, client ID, and client secret. These settings vary depending on the OAuth provider(s) you plan to use.


  5. Save Configuration

    • Save the OAuth configuration settings.

Configuring OAuth Providers

OAuth providers, such as Google, GitHub, or your organization's OAuth server, must be configured to work with Radius.


Follow these steps to configure OAuth providers:


  1. Log In to the OAuth Provider

    • Access the OAuth provider's developer portal or administrative console.


  2. Create a New OAuth Application

    • Create a new OAuth application or project within the provider's system.


  3. Configure OAuth Redirect URIs

    • Specify the OAuth redirect URIs for your Radius instance. These URIs must match the ones configured in your Radius OAuth settings.


  4. Generate OAuth Client ID and Client Secret

    • Obtain an OAuth client ID and client secret from the provider. These credentials will be used to authenticate Radius with the OAuth provider.


  5. Enter Provider Credentials in Radius

    • In the Radius OAuth settings, enter the client ID and client secret provided by the OAuth provider.

User Authentication Flow

The user authentication flow with OAuth typically involves the following steps:


  1. A user initiates the OAuth process in a third-party application.


  2. The third-party application redirects the user to the Radius OAuth authorization endpoint.


  3. The user logs in to Radius (if not already authenticated) and approves the third-party application's access request.


  4. Radius generates an OAuth access token and redirects the user back to the third-party application with the token.


  5. The third-party application uses the access token to access Radius on behalf of the user.

DOCS