This topic has 23 replies, 1 voice, and was last updated 1 month, 1 week ago by [email protected].

  • Author
    Posts
  • #6075
     DavidPui
    Participant

    Thanks Rogerio.

    In Facebook App settings, under Basic
    My Apps Domain is example.com
    My SITE URL is http://openam.example.com:8080

    Under Advanced settings
    I had CLIENT OAUTH LOGIN YES, WEB OAUTH LOGIN YES and
    EMBEDDED BROWSER OAUTH LOGIN YES
    and with this if requires me to put something in
    VALID OAUTH REDIRECT URIS
    So, what do I put in here ? What is your setting for this ?

    As with your attribute mappings, I assume the left attributes are the facebook ones and the right attributes are the openam ones, right ?

    Please advise.

    Cheers
    David Pui

    #6076
     Rogerio Rondini
    Participant

    Hi,

    My EMBEDDED BROWSER OAUTH LOGIN parameter is NO. But I think if you turn to YES, than should add the OpenAM Redirect URI.

    About Attribute Mappings, yes, left is facebook and right is OpenAM.

    Abs.

    #6077
     DavidPui
    Participant

    Thanks Rogerio for getting back.

    If you set WEB OAUTH LOGIN YES then only it requires the redirect URI.

    But if you set EMBEDDED OAUTH YES or NO it doesn’t matter.

    Irrespective of whether I put YES or NO but when I click on the facebook icon it still comes with the same error message and saying the I should turn WEB OAUTH LOGIN YES and put redirect URI.

    So really I’m not sure what is the problem here.

    Very strange.

    What is your Apps Domain ? What is your SITE URL ?

    Also in OpenAm Module Instance, what is your Account Mapping settings ? Is Email=Mail ?

    Please advise

    #6078
     Rogerio Rondini
    Participant

    Hi..

    So, App Domain and Site URL relies on your OpenAM deployment.

    If your OpenAm run on “http://openam.example.com:8080/openam”, App Domains should be “example.com” and Site URL should be “http://openam.example.com:8080/openam”. If you need to setup Redirect URI, it should be “http://openam.example.com:8080/openam/oauth2c/OAuthProxy.jsp”.

    Based on that, in the OpenAM OAuth Module Instance configuration, Proxy URL must to be “http://openam.example.com:8080/openam/oauth2c/OAuthProxy.jsp” and Account mapper can be “email=mail”.

    #6079
     DavidPui
    Participant

    Hi Rogerio
    I think I’m getting closer now.
    This time I tried logging off Facebook and click on the Facebook icon under Openam login screen and it prompted the Facebook login page which is what I expected and then it throws unable to logon to Openam.

    I believe this is due to the Attribute mapping and account mapping.

    I used everything in default. Under Openam login screen there is no email field its an Openam name or id field and password

    So I reckon that email should be set to name or email set to id ? What do you think ?

    #6094
     DavidPui
    Participant

    Hi Rogerio,

    Logging on to Facebook is using email address and password.

    However, logging on to Openam is using amAdmin and the password.

    So how do I setup so that when I click on Facebook icon in Openam and it will then logon to Openam.
    Anything that I need to do or setup in Subjects ?

    Please advise.

    Cheers
    David

    #6096
     DavidPui
    Participant

    Hi Rogerio,

    Just like to clarify the Integration between Openam and Facebook Authentication.

    When I’m testing the integration, I clicked on the Facebook icon, it then prompts me the Facebook login screen and I then entered my facebook email address followed by the password. After successful Facebook authentication, I’m assuming that Openam will attempt to invoke the Facebook app that I create in Facebook developer right, my question is that how does Openam knows which Facebook app to invoke ? How is the Facebook app linked to openam ?

    Well, it appears that after successful logged on to facebook screen, the next thing that happened is that I got a message from Openam saying Unable to login to Openam. It looks like it didn’t even try and create a userid if it doesn’t exists in openam and also how does openam or facebook knows which userid or email to use to logon to Openam.

    Please clarify and advise.

    Thanks.
    David

    #6284
     Rajesh R
    Participant

    @davidpui Not sure, if your issue is resolved, but if it is of any help, I’ve made a short video demonstration on Facebook Authentication. It’s at the link below:
    https://forgerock.org/2015/11/forgerock-openam-and-social-authentication-facebook-using-oauth2/

    #27671

    This reply has been reported for inappropriate content.

    Hi All,

    Can someone confirm whether we can fetch user’s mobile number from Facebook during OpenAM integration?
    ForgeRock-6.5 version.

    Thanks,
    Sauarbh

Viewing 9 posts - 16 through 24 (of 24 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?