Introduction:

Access Manager supports the different external OAuth providers for social integration. Social authentication simplifies login for end users and does not require maintaining large user stores. This authentication can be configured using the SocialAuthClass of Access Manager Identity provider. For more information see the NetIQ Access Manager documentation.

This cool solution is intended for administrators or app developers to test their applications with NAM. I will be describing how to create a sandbox application and use it with Access Manager.

How it Works:

Create an application in Instagram and configure it with Access Manager Identify provider. Access the Social class from Identity Server page, Authenticate with Instagram and access the resource protected by Access Manager.

Pre-Requisites:

  • You must have a developer account with Instagram
  • Access Manager 4.3 or earlier

Configuration:

Step 1 – Instagram Configuration to create an application

  1. Create an Instagram application for test
    1. Access Instagram Developer url: https://www.instagram.com/developer/
    2. If user is not logged In, click on Log In. Perform the login. If this is first time access, the following page appears:

Dashboard

  1. Click on Register your application. Add the application name and domain. Save the information.
  1. Now, Click on Register a New Client. Fill in the information as per the application. The following details are only for illustration.
    1. Application Name: NAMTest_Sles12
    2. Description: Product
    3. Company Name: Novell
    4. Website URL: www.novell.com
    5. Valid redirect URIs: https://sles12-acidp.labs.blr.novell.com:8443/nidp/jsp/socialauth_return.jsp
    6. Contact Email: vneeraj@novell.com
    7. Enter the ReCaptcha code and click on Register.

Ceate Client

  1. After Successful Registration, the Application Summary page will be displayed.
  2. On the Manage Clients page, click on Manager for the client created.
  3. From the Details tab, copy the client ID and Client Secret. This will be used by Access Manager when Instagram will be configured.

Details

  1. Note that, this app is in sandbox mode.

Step 2 – Configure NAM for Instagram Authentication

  1. Create a Social Auth class in NAM if it does not exist. If Social Auth exists, the same class can have multiple social authentication providers.
  2. Click Add on Social Auth Providers. Select “Other” in Auth Provider. Add the Following information:
    1. Provider Name: “Instagram”
    2. Consumer key: Client id of Instagram application
    3. Consumer Secret: Client Secret of Instagram application
  3. Save the configuration.
  4. Configure Method and Contract for this provider. For more information, see the NetIQ Access Manager Documentation.

App config

Testing the Authentication:

  1. Open the NAM IDP URL in the web browser. Select the Social class from the left drop down. Select Social Authentication card.

AppTest2

  1. Click on the Instagram icon. It will ask for login. Do login with valid user
  2. Post authentication, it will ask for authorization.

Authorization

  1. Authorize the app and it will redirect back to the Access manager identity provider portal. Social Authentication contract will be marked as authenticated.

AppTest4

Troubleshooting:

During authentication, the following error may appear:

{"error_type": "OAuthForbiddenException", "error_message": "You are not a sandbox user of this client", "code": 403}

This is because the application is created in the sandbox and it’s not open for all the users. In this mode, only selected (invitation base) users can access. Users must be registered as developer in Instagram. By default, they will be in pending mode. You have to login into respective developer account and accept that. This looks to be limitation from Instagram.

Client Info

Once the application is tested, it has to be enabled for live access. Submit the client from the permission section.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Loading...

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: VNeeraj
Feb 21, 2017
1:58 pm
Reads:
640
Score:
Unrated
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Sentinel Supported Troubleshooting Workflow