Skip to main content

Auth Methods

Familiarize yourself with the Authentication methods

Configure Auth using the following methods in your application to verify the identity of a user or device before allowing access to a system or resource.

Enable Social (OAuth) Authentication

note

You cannot use the same email account with different social providers because each email address can only support one authentication method. If an email is already registered with one method and you attempt to log in with the same email via a different method, it fails. The current error message directs users to the registered method.

Social authentication allows your users to authenticate into your app with common third-party identity providers via OAuth. The following social authentication providers are available:

Use one of the following options to enable social (OAuth) authentication:

Without configuring OAuth accounts on the providers

important

This option is not intended for normal use, but provides an easy path to get started before a user properly configures an OAuth account of their own.

You can try out social (OAuth) authentication without configuring your own OAuth accounts on the providers.

  1. In the Pangea Console , click Auth Methods in the left-hand navigation menu.
  2. Click on Social (OAuth) and a settings dialog will appear on the right pane.
  3. On the Social (OAuth) page, click Configure located on the provider's row.
  4. On the configure social login window, select the Use development OAuth credentials setting. When enabled, this option disregards any set Client ID or Client Secret and uses a test OAuth account for operation.
  5. Click Save button to save the selection.

Configure OAuth accounts on the providers

  1. In the Pangea Console , click Auth Methods in the left-hand navigation menu.
  2. Click on Social (OAuth) and a settings dialog will appear. On the social authentication page, there is a callback URL, it is displayed to the user but not editable. This is the callback URL that they need to use when creating an OAuth configuration on the OAuth provider (for example, Google, GitHub, and so on).
  3. Select a social authentication provider and click Configure. Each social authentication provider has different configuration steps. Refer to the instructions. for each provider on how to configure OAuth: GitHub and Google.
  4. Add the Client Id and Client Secret. These values are provided by the OAuth provider after you complete the provider-specific configuration steps.
  5. Click Save to close the client dialog.
  6. Click Save to save the social authentication configurations.

GitHub

To set up social authentication with GitHub, you’ll need to obtain a Client Id and Client Secret from GitHub and add a Callback URL. Follow the steps below.

note
  • If you need to log in with a different GitHub account after you signed up with one, you must go to GitHub and log out of your account.
  • The steps below assume you already have an active GitHub account.
Expand for details
  1. Sign in to your Github account
  2. Go to your personal settings by selecting your profile picture on the top right then clicking Settings
  3. Select Developer settings from the left-hand menu
  4. Go to OAuth Apps and select your application. If you don’t see your application, try registering your application with GitHub under OAuth.
  5. Click Generate a new client secret button. Your Client Id and Client Secret will be displayed
  6. Copy the Client Id and Client Secret, and paste the information into the “Configure social login” dialog in the Pangea Console . Click Save.

To configure the callback URL.

  1. Go to the box in the GitHub OAuth settings.
  2. Enter the callback URL from the Pangea User Console social configuration or use the same one shown in the Pangea Console GitHub social config.

Google

To set up social authentication with Google, you’ll need to obtain a Client Id and Client Secret from Google, and add a Callback URL. Follow the steps below.

Expand for details
  1. Go to the Google API Console Credentials page.
  2. Click Select a project, then NEW PROJECT, and enter a name for the project. Click Create. Project names cannot be changed at a later time so this is your only chance to customize your project name.
  3. In your newly created project, go to the Credentials page and click + CREATE CREDENTIALS, then OAuth client ID.
  4. You may be prompted to set a product name and other details on the Consent screen; if so, click Configure consent screen, supply the requested information, and click Save to return to the Credentials screen.
  5. Once you’re on the Credentials screen again, click + CREATE CREDENTIALS and select OAuth Client ID.
  6. Select Web Application for the Application Type. Now, scroll down to the Authorized redirect URIS section and click + ADD URI to enter the redirect URIs. The callback URL comes from the PUC social configuration or use the same one shown in the Pangea Console Google social config. Click Create.
  7. On the dialog that appears, copy the Client Id and Client Secret to your clipboard.
  8. Paste the Client Id and Client Secret into the Configure social login dialog in the Pangea Console and click Save.

To configure the callback URL:

  1. Go to the box in the Google OAuth settings.
  2. Enter the callback URL from the Pangea User Console social configuration or use the same one shown in the Pangea Console Google social config.

Enable password authentication

The Password authentication method is used to authenticate users. It is a simple way to enforce access control to your app without requiring any third-party identity services or other devices.

To enable password authentication:

  1. In the Pangea Console , click Auth Methods in the left-hand navigation menu
  2. Click on Password and a settings dialog with several switches will appear
  3. Switch on the following rules for your password authentication configuration:
    • Allow password authentication - Allow password authentication
  4. Under Password Complexity, you can also configure the required password complexity for users when setting up their accounts. The following options are available:
    • Require one uppercase letter
    • Require one lowercase letter
    • Require a special character
    • Password length
tip

The National Institute of Standards and Technology (NIST) recommends an 8-character minimum for all passwords.

  1. Click Save.

Once enabled, the Password authentication box will say “Enabled” in green text.

important

For non-production environments, Pangea recommends you use development OAuth credentials setting to get started with AuthN.

Was this article helpful?

Contact us