Use Google OAuth Authentication to Restrict Access to Digitise apps

Digitise Apps supports three methods of authenticating users, where you want to restrict access to your Digitise apps – internal Digitise Apps credentials, Windows Active Directory Authentication and OAuth. If you don’t need or want users to log in, users can be automatically logged in as anonymous users without them having to go through a login screen.

 

OAuth is available for apps running on Android, Apple and Windows devices and means users can login using a Google Gmail address and its corresponding Google account password. Digitise Apps will authenticate the user with Google and if valid will allow access to the user. Note that on Windows devices, OAuth is only available with the Windows Desktop version of the Digitise Apps Client and Standalone Apps, it isn’t supported in the Windows Universal Platform versions of the Client and Standalone Apps.

 

In order to use OAuth Authentication, each user that you want to login this way will require a Gmail account, as the Gmail address is used as the username within Digitise Apps. You will also need to create Google Credentials in the Google API Console and obtain a Client ID and Client Secret, if you have not already got these set up to use OAuth elsewhere. Having done this, you can then configure Digitise Apps to use OAuth on an app-by-app basis.

At runtime, both the PC running the Digitise Apps' App Server and the Client devices will require an internet connection in order for Digitise Apps to authenticate users with Google.

Once logged in using OAuth, there is no difference in the way Digitise Apps behaves for OAuth users than for users logged in using other supported methods of authentication.

If a device loses its connection, any running apps will continue to work, although a user won’t be able to synchronise data with a remote Data Source until they have a network signal again. If the user closes an app whilst the network connection is down, a configuration setting determines whether they should be allowed to log back in or not.

 

The Client ID and Secret are used to identify you to Google when Digitise Apps requests a user authentication. You can use the same ID and Secret for all your users or you can generate multiple accounts if required.

To generate a Client ID and Secret, you need to use the Google API Console which is accessible from a web browser:

  1. Connect to the Google API Console. Load a browser and enter the following URL:

    https://console.developers.google.com

    You will need a Google account to access the Console, for example a Gmail account.

  2. If required, create a new Project within the Console by clicking on the down arrow beside the word Project in the top left-hand side of the title bar and choosing Create project. Enter a name for this project and then click Create.

    Your new project will be created and when ready you will see the name of your project displayed in the title bar in place of the word Project.

  3. Select Credentials under API Manager in the left-hand side panel.

  4. A message box will be displayed explaining you need credentials in order to access APIs.

    Click on the Create credentials button and then choose OAuth client ID from the list of options displayed.

  5. When the Credentials page displays, click on the Configure consent screen button.

  6. Enter your email address and product name and fill out any of the remaining fields you want to use. Click Save.

  7. You will then be asked to select an Application type. Select Other and then give it a name, e.g. 'Digitise Apps Client Credentials'.

  8. Click Create.

  9. You will then be presented with a Client ID and a Client Secret.

    You will need both these pieces of information to configure OAuth Authentication within your Digitise Apps Client(s) or Standalone App(s). You can copy them now from the dialog box and store them somewhere for future reference but note that you can always refer back to the Google API Console at any time to retrieve these details should you need to.

  10. Click OK.

  11. The Console will now display a list of your configured OAuth Clients. Each Client in the list has three icons to the right allowing you to edit (pen icon), delete (bin icon) or download (arrow icon) the Client information.

    Clicking the edit icon will display information about the Client including its ID and Secret.

See also:

Configure a Client or Standalone App to Use OAuth Authentication

Add an OAuth User to App Manager

Log In Using Google OAuth Authentication