Third-party Authentication

Cloud Scale’s Authentication component allows you to implement a third-party authentication service of your preference for your Catalyst application. The authorization and validation of the end-user is handled by the third-party service, and the data is passed on to Catalyst.

Before you associate a third-party authentication with your Catalyst application, you must ensure that you have first completed handling the third-party logic in the external service. You can configure the authentication with any third-party of your choice.

Note: Since you are implementing a third-party authentication service, it is understood that the security infrastructure of your application is contingent on the efficiency of the third-party service that you have chosen.

Next, you set up the third-party authentication that you configured in Catalyst by navigating to the Authentication component in Cloud Scale in the Catalyst console. The steps are explained in Set Up Third-party Authentication in Catalyst help page.

This process involves the following steps that you must perform:

Generate a Custom Server Token

First, we generate a custom server token. When a user is re-directed from a third-party service after being authenticated, their credentials must be passed to an authentication function that you will need to code in Java, Node.js, or Python. This function will generate a Catalyst server-side token JSON Web Token token (JWT) which will then be passed to the client.

Note: To enable a third-party authentication in your Catalyst application, you must ensure that you have enabled Public Signup in the console.

Authenticate User Using JWT

The below SDK will use the generated JWT or custom token to authenticate the end-user. You must incorporate this code into your web client logic, to enable third-party authentication.

This is a sample code that uses a JWT to authenticate the user is given below.

<script src=""></script> <script src="/__catalyst/sdk/init.js"></script> <script> catalyst.auth.signinWithJwt(getCustomTokenCallback); function getCustomTokenCallback(){ return fetch("{domain}/server/{function_name}/execute") //function url to get the generated custom token .then(resp => resp.json() .then(resp => { return new Promise((resolve, reject) => { resolve({ client_id : "********", scopes : "ZOHOCATALYST.tables.rows.ALL,ZOHOCATALYST.cache.READ", jwt_token : "*********" }); }); })) } </script>
Note: The custom server token will have to be generated every single time the user logs in to your application using a third-party authentication service.

Configure Addional Settings

Finally, you can onfigure Customer User Validation or Authorized Domains as a part of Whitelisting and finish the set up. Catalyst will display a confirmation that a third-party authentication service has been enabled and your application’s authentication is being handled by it.

Last Updated 2024-01-04 12:16:42 +0530 +0530