Aurora Corporate documentation

Authentication via external services

Introduction

Aurora Corporate offers integration with various external services: Google, Facebook and Dropbox. For each of those services, integration is configured in the similar way - in a console offered by that service, you create an application and obtain a set of parameters used for authentication, and specify those parameters in Aurora Corporate admin interface section. Once that's done, users will be able to authenticate via those services and use access file storage where applicable.

Google

This configuration will allow your users to authenticate with their Google accounts and access their Google Drive storage.

IMPORTANT: For this to work, Aurora Corporate must be running on SSL-enabled (https) host.

Setting up application in Google

  1. Navigate to https://console.cloud.google.com/cloud-resource-manager and click Create Project. Supply arbitrary Project Name and click Create. Once the project is created, click Select Project.
  2. In navigation menu (top-left corner), select APIs & Services -> Library, locate Google Picker API and enable this API. Then go back to Library, locate Google Drive API and enable it.
    If you wish to allow users to add Gmail accounts, locate and add Gmail API the same way.
  3. In left pane, select OAuth consent screen. Select "External" option for creating consent screen. Supply arbitrary Product name shown to users, make sure the correct list of Authorized domains is supplied and click Save button.
  4. In left pane, select Credentials and click Create credentials button. Choose API key option. API key created will be shown, you should save it to use in Aurora Corporate settings.
  5. Click Create credentials button and choose Oauth cliend ID option. Application type needs to be set to "Web application".

In Authorized JavaScript Origins, Aurora Corporate root domain URL of the installation needs to be supplied. For example, if your installation is at https://yourdomain.com/aurora/ then it's https://yourdomain.com/ URL you need to specify.

In Authorized Redirect URIs list, URLs of the following kind must be added: http://yourdomain.com/aurora/?oauth=google where http://yourdomain.com/aurora/ is Aurora Corporate installation URL.

Upon clicking Create button, client ID and client secret will be shown. You should save those to use in Aurora Corporate settings.

Performing configuration in Aurora Corporate

Under System > Google Auth screen of admin interface, check Google connector and specify the following values for it, using those obtained from Google Developers Console:

  • App ID should be set to CLIENT ID value;
  • App Secret is set to CLIENT SECRET;
  • API Key equals API KEY value. The value is optional, it's needed to let users add shortcuts to Google Drive documents.

Facebook

Allows for authentication with Facebook account.

Creating Facebook application

  1. Navigate to https://developers.facebook.com/apps and click Create a new app.
  2. On the left pane, select Settings > Basic tab, and supply product installation URL in App Domains and Site URL fields.
  3. From the same page, obtain App ID and App Secret values.
  4. Add "Facebook Login" product and configure it by specifying installation URL and enable "Web OAuth Login".
  5. Make sure you have the following option enabled on Status & Review tab:

Do you want to make this app and all its live features available to the general public?

Performing configuration in Aurora Corporate

  1. Under System > Facebook Auth screen of admin interface, enable Facebook connector by selecting its checkbox.
  2. App ID and App Secret values should be set to those obtained from Facebook Developer console.

Dropbox

Integration with Dropbox allows Aurora Corporate users to authenticate with their Dropbox accounts and access their Dropbox storage.

IMPORTANT: For this to work, Aurora Corporate must be running on SSL-enabled (https) host.

Setting up Dropbox app

  1. Open Dropbox App Console. You'll be asked to log into your Dropbox account if you're not logged in yet.
  2. Click Create App button, then fill the parameters of your application as follows:
  3. Supply arbitrary application name and click Create App.
  4. On next screen, the product installation domain(s) must be added under Chooser/Saver domains list. To Redirect URIs list, URLs of the following kind must be added: http://yourdomain.com/aurora/?oauth=dropbox where http://yourdomain.com/aurora/ is product installation URL.
  5. Copy App key and App secret values from that screen.

Setting up Dropbox integration in Aurora Corporate

  1. Under System > Dropbox Auth screen of admin interface, enable Dropbox connector by selecting its checkbox;
  2. App ID is set to App key value obtained from Dropbox App Console;
  3. App Secret should be set to App secret value;

Removing restrictions of Dropbox integration

By default, a single Dropbox app can only be accessed by up to 100 users. To remove the limit, you'll need to apply for production status as described here.