Introduction

PlusWorkflow allows integration with external user authentication applications such as: Okta. In this case, it is the external application that is responsible for authenticating the user and communicating to the system whether the user can be allowed into the PlusWorkflow system. If there is only one implementation of an authentication application installed in the system, then when the login page is called, there will be an automatic attempt by this external application to call authentication.

The external application, after authentication, must call the servlet on the system using the POST method: api/authentication/sso/login. A provider parameter must be transferred, whose value is the id of the authentication application specified in the plugin descriptor as a key attribute. The description is given below.

Implementation

The implementation that supports authentication in the external application must be in the plugin.

The system provides an interface Authenticator. This interface must be implemented in the plugin. The implementation then needs to be registered in the plugin descriptor:

<authenticator key="okta" class="com.suncode.okta.authenticator.OktaAuthenticator"/>

When the plugin is started, the implementation will be loaded by the system.