Setting up OAuth2.0 for Custom Database Integration

We'll show you how you can use WordPress to create a custom Database that can connect to MAZ's API

Be sure to read our Custom Database Integration API documentation first to get a good idea of how it works. Here's a helpful image that might help visualize the authentication process with OAuth2.0:

There are many Wordpress plugins you can use for OAuth2.0. In our case, we are WordPress OAuth Server (OAuth Authentication) as an example. Here's their documentation for additional information. Please note that you can use any you see fit, but these instructions will be based off of this specific plugin.

 

1. Within your Wordpress admin, navigate to the Plugins tab on the lefthand side and click on Add New. Search the plugin mentioned above and use the Install Now button.

 

2. After installing the plugin, activate it by clicking on Activate.

 

3. Now OAuth Server will show in your navigation bar. Please click it to navigate there and add a new client.

 

4. Fill in the details:

  • Client Name (this can be anything you choose)
  • MAZ's Redirect URI (https://id.mazsystems.com/app_users/v2/sessions/oauth)
  • Scopes (this can be found on WP OAuth Server's documentation, make sure to give access of the authorization-code). Default Scopes: openid profile email basic

5. Click Create Client. Now you should be supplied with a Client ID and  Client Secret. Be sure to record these values along with your scopes, you will need to add these to the MAZ Dashboard.

 

6. You will need a Database Template for OAuth2. In order to have this created for you, reach out to success@mazsystems.com and request to have a Database Template for OAuth2 created for you. After the support team confirms the new template is established, navigate to Users > Database Integrations from your MAZ Dashboard. You should see a new integration available now. Click Setup to start integrating your database.


7. Add in your Scopes, Client ID, and Client Secret. You should have set up an Authorize URL unique to your Wordpress account. This URL contains:

  • DOMAIN_URL: where the platform is hosted
  • ENDPOINT: for authentication which will be written in the plugin's documentation.
    Example: /oauth/authorize

The complete URL may look something like this:

 
https://coolmazapp.com/oauth/authorize?response_type=code&client_id=&scope=&redirect_uri=

Add this to Authorize:

8. Now we need to get access_token, expires_in, refresh_token, etc. through the token URL. This endpoint should look something like /oauth/token. Add this URL to Token. Please note that you shouldn't need to hardcode client credentials since MAZ will handle them as variables.

9. Next we will need a URL for Profile

 

10. Next is Get Access which may be the same as Profile, depending on your setup. You will need to set up Update Access as well if you plan on having SSO/Two way sync.

 

11. Now change the user's Policy according to the response of the user's info. Mostly "email" and "member_id" may need to be changed depending on the user's profile API result. For example, if you are getting "user_email" in user's profile API, then change "email" to "user_email" in the policy.

 

12. Save the form. Now MAZ will check your database within Wordpress to authenticate your end users!