Starting with version 1.1.0, Thirdlane Connect allows users to link their Google and Microsoft accounts to Thirdlane Connect, sign-in without having to enter user id and password, and search in, communicate with, and add associated contacts to Thirdlane Connect.
In order to enable this feature in Thirdlane Connect, administrators have to first register their installation for OAuth 2.0 authentication with External Providers. In this blog post, we will explain how administrators can register with Google and Microsoft (more providers will be added in the future) and how Thirdlane Connect users can manage their (what we call ) Internet Accounts in Thirdlane Connect.
Registering with External Providers
How to register an app with Google OpenID Connect endpoint
Before your application can use Google's OAuth 2.0 authentication system for user login, you must set up a project in the Google API Console to obtain OAuth 2.0 credentials, set a redirect URI, and customize the branding information that your users see on the user-consent screen: https://console.developers.google.com.
You need OAuth 2.0 credentials, including a client ID and client secret, to authenticate users and gain access to Google's APIs.
To create your client credentials in Google Cloud Platform Console, go through the following steps:
1. Go to the APIs & Services > Credentials page in GCP Console.
2. Fill out the required fields on the OAuth consent screen.
3. Click the Create credentials button, then select OAuth client ID.
4. Select Web application type and fill out the authorized redirect URIs field as “http://REPLACE ME/oauth2/google/callback” then click the Create button
5. Write down your credentials as this information must be specified in the External login providers configuration
6. Go to Thirdlane Communications Manager -> System Management -> System Settings -> External Login Providers and create an External Login Provider using your Redirect URL and newly obtained client ID and client secret.
How to register Thirdlane Connect with Microsoft
To use both MSA & Azure Active Directory for sign-in, you'll first need to register with Microsoft. Microsoft account or MSA (previously known as Microsoft Passport,.NET Passport, Microsoft Passport Network, and Windows Live ID) is a single sign-on web service developed and provided by Microsoft that allows users to log in to websites (like Outlook.com), devices (e.g. Windows 10 computers and tablets, Windows Phones, or Xbox consoles), and applications (including Visual Studio) using one account.
1. Go to Microsoft app registration portal at https://apps.dev.microsoft.com and sign-in with either a personal or work Microsoft account. If you don't have either, sign up for a new personal account.
Click Add an app, and specify a name - use Thirdlane Connect or anything you like
Create Application secret by clicking Generate New Password and save it for future use.
Save Application secret for future use.
Next, click Add Platform and select Web as the platform for Thirdlane Connect.
Specify redirect URL which has the following format:
Make sure that you replace the domain part of the URL with your domain.
To add all required permissions, click the "Add" button in the Delegated Permissions section
Turn on "Contacts.Read", "Contacts.Read.Shared", "People.Read", "User.Read", "User.ReadBasic.All" permissions then click Ok
Disable “Live SDK support” option.
Optionally, you can customize the look and feel of your sign-in page in the Profile section.
Make sure to click Save before moving on.
2. Go to Thirdlane Communications Manager -> System Management -> System Settings -> External Login Providers and create an External Login Provider using your redirect URL and newly obtained client ID and client secret.
Managing Internet Accounts in Thirdlane Connect
Thirdlane Connect allows you to setup and manage Internet Accounts associated with your accounts at External Providers configured for your installation. In order to add an Internet Account from the list of External Providers configured by your administrator, open Thirdlane Connect, go to Settings, select “Internet Accounts” in the dropdown at the top, and click on the “Manage Internet Accounts” link.
This will open display a list of Internet Accounts. If you are doing this for the first time, the list will be empty. Click on the “Add Internet Account” button, select the type of Internet Account you would like to add (Google and Microsoft are supported at the time of writing), and press “Authenticate” button.
In a popup window you will be prompted to select an Internet Account to authenticate with and associate with your Thirdlane Connect - which basically means a user id for sign in and associated contacts to access.
After you click “Allow”, a new Internet Account will appear in the list of Internet Accounts of the “Manage Internet Accounts” page - this means that you are ready to go.
Using your Internet Accounts
Now that you have just added an Internet Account to Thirdlane Connect, it is easy to start using it. Open the the login form (click “Sign out” icon at the bottom left if you are currently signed in), and click on a circle icon that corresponds to your Internet Account. This should open a popup window, where you can select your Internet Account ID (say, email - for Google) and proceed. Once authentication is successful, Thirdlane Connect will be "linked" with your account at the External Provider and you will be able to always use it for signing in.
If sign in buttons above the form are missing, this most likely means that the integration was not properly set up by your administrator.
Once an Internet Account is linked, Thirdlane Connect will automatically add a Contact Source so you will have access to your contacts associated with that account. You can read about Contact Sources in this article. To search contacts in the newly configured Contact Source, open the “Contacts” menu item, click on the “Search” icon and open the Contact Source dropdown. Since a Contact Source was already created you should see a new Contact Source named “Google” or “Microsoft”. "Check" it to include in your future searches, and search as you would with any other Contact Sources - matching contacts from your Internet Account should appear in the search results.
This is how Internet Accounts currently work in Thirdlane Connect. We will add more External Providers/Internet Account types (LinkedIn, Facebook, Twitter, etc) in the future releases.
Do you know that Thirdlane Connect is compatible with both Slack and HipChat webhooks format, so that you can use all the Slack and HipChat webhooks based integrations? More about this in the future articles.