Skip to content
Popular Search passwordcancelresourcesapigoogle calendar
View Categories

OAuth Configuration

2 min read

It is important to make sure registration.require.email.activation is set to false in Application Configuration. If email activation is enabled users will never be able to log in.

Booked comes preconfigured with OAuth integration to both Google and Facebook, allowing users to log into Booked using their Google or Facebook credentials.

Other providers can be manually configured to allow users to log into Booked using credentials from any provider that supports OAuth.

Adding an OAuth Provider #

OAuth is not enabled by default. You must be logged into Booked as an administrator. Then open Application Configuration and enable allow.oauth.login. After OAuth is enabled, the ability to manage providers will be available in the Configuration menu.

Configuration #

The following settings are required when configuring an OAuth provider in Booked.

Provider Name – The name to be shown on the login button on the Booked login page.

Client Id – Client Id provided by the OAuth provider

Client Secret – Client Secret or Key provided by the OAuth provider.

Access Token Grant Type – Grant type when requesting access token. This is typically authorization_code.

Scope – Space separated list of scopes required to access email and profile information. For example, when setting up Google OAuth the value would be email profile

Authorization URL – The URL for authorizing users.  For example, when setting up Google OAuth the value would be https://accounts.google.com/o/oauth2/v2/auth

Access Token URL – The URL for requesting OAuth access tokens. For example, when setting up Google the value would be https://oauth2.googleapis.com/token

User Details (Resource Owner) URL – The URL for requesting profile information about the authenticated user. For example, when setting up Google OAuth the value would be https://openidconnect.googleapis.com/v1/userinfo

This URL accepts a placeholder named {accessToken} that can be used to include the current access token in the URL. For example https://account-profile.com/{accessToken}

Field Mappings #

The field mapping configuration is used to map the user profile response from the provider to fields in Booked. 

For example, when setting up Google OAuth the values would be

email

given_name

family_name

Nested values can be specified by separating . For example, the mappings would be profile.user.email, profile.user.given_name, and profile.user.family_name if the response object is

{
   "profile" : {
      "user" : {
         "email" : "",
         "given_name" : "",
         "family_name" : ""
      }
   }
}
How was this article?

Powered by BetterDocs

Booked Scheduler