Self-Service OIDC Configuration

Integration Guide for SphereOne SDKs through OAuth 2.0 Client Creation

Introduction to OAuth 2.0

To integrate SphereOne SDKs, establishing an OAuth 2.0 client is imperative.

OAuth 2.0 serves as an authorization framework, permitting third-party applications to access user accounts on an HTTP service by delegating user authentication to the service hosting the user account and authorizing applications to access said user accounts.

For an in-depth understanding of OAuth 2.0 and OpenID Connect, kindly refer to the detailed documentation available here.

This pivotal step ensures users can seamlessly log in with SphereOne and utilize the payment API.

Step-by-Step Guide to Creating an OAuth 2.0 Client for SphereOne SDKs Integration:

Step 1: Navigate to OAuth 2.0 Client Section

Within your application settings, locate and select the OAuth 2.0 client section.

Step 2: Initiate OAuth 2.0 Client Creation

Click on the + Add OAuth 2.0 client button, which will present a form modal for you to complete.

Step 3: Completing the OAuth 2.0 Client Form for SphereOne SDKs Integration

Form Completion Guidelines:

Client Name: Ensure to provide a unique client name, adhering to a minimum character requirement of three.

Redirect URIs: Specify one or more redirect URIs. For web URIs, ensure they commence with http:// or https://.

Access Token Lifetime: Define the lifetime of the access token. The minimum permissible value is 3600 seconds (1 hour), and it is advisable to retain the default value unless a specific use case dictates otherwise.

Step 4: Secure Storage of OAuth 2.0 Client Credentials Post-Creation

Post-Submission Actions:

Upon accurate completion and submission of the form, an OAuth 2.0 client will be instantiated.

Subsequent to creation, both the Client ID and Client Secret Key will be displayed.

Managing OAuth 2.0 Clients within SphereOne

Client Management Overview: Your OAuth 2.0 clients can be managed effortlessly within the dedicated OAuth 2.0 clients table.

Client Modification and Deletion: The platform provides the flexibility to edit or delete clients as per your operational requirements.

Vital Note on Credential Storage:

It is imperative to copy and securely store the Client ID and Client Secret Key, as these credentials will be pivotal for the integration of the SphereOne SDK.

Your adherence to these steps will ensure a seamless integration process.