Under https://developers.facebook.com/docs/development/create-an-app, Facebook offers all necessary instructions for setting up OAuth access.
To help you, here is a step-by-step guide to creating the desired function. Possible additional functionalities are not considered here.
The degree of the safety measures set here must, if necessary, be determined by the operator of the SEPPmail Secure E-Mail Gateway themselves and be adapted to their circumstances.
Procedure:
(version of 15.12.2021)
•Open the corresponding https://developers.facebook.com/
•Login with the account described in the chapter GINA Generating OAuth access data at the IDP.
•If this account
ois not yet registered as "Developer Account", the button "Let’s go"appears on the top right.
This button starts the registration of the logged-in account as a developer account.
After completing the registration, the area with your own apps is displayed, which is empty after the new registration.
ois already registered as "Developer Account", the button "My Apps" appears on the top right, offering access to one’s own apps.
•With the button "Create App", a new app can be created.
•On the subsequent page, select the app type "Business" and confirm with "Proceed".
•In the next window, enter
oa descriptive "Display Name", for example "GINA OAUTH My Company Corporation"
oa "Contact Email Address of the App". This field is usually pre-filled with the address of the registered account.
oas "Purpose of the App", select "You or your own business".
ono further adjustment is required and proceed with "Create App".
o for security reasons, the account password needs to be entered once more.
•On the subsequent page, select the "Product" "Facebook Login" by clicking on "Setup".
•On the next page, select "Web".
•On the next page, enter the URL of the website, for example
https://www.mycompany.tld
Save the entry by clicking on "Save" and confirm with "Proceed".
•In the sidebar to the left, open the drop-down menu "Facebook Login" and select "Settings".
•Make settings under
oClient OAuth Settings
as follows:
Option |
Setting |
|---|---|
Client OAuth Login |
Off |
Web OAuth Login |
On |
Use HTTPS |
greyed out (On) |
Force re-authentication on the web through OAuth |
Off |
Embedded Browser OAuth Login |
Off |
Use strict mode for redirect URIs |
greyed out (On) |
Valid OAuth Redirect URIs |
Enter the URIs under which the GINAInterface(s) can be reached. If only "[default] GINA" is used, the entry could be, for example https://securemail.mycompany/web.app
If several GINA domains are used, more entries can be added by pressing the "Enter" key, for example https://securemail.mycompany/customer1/web.app https://securemail.mycompany/customer2/web.app https://securemail.mycompany/customerN/web.app or when using Virtual Hosting also https://securemail.customer1.tld/web.app |
Login at devices |
Off |
Login with the JavaScript SDK |
Off |
Domains approved for the JavaScript SDK |
Enter the Hostname of the SEPPmail Secure E-Mail Gateway as it can be reached from the Internet, for example securemail.mycompany |
•In the sidebar to the left, select "App Review" and its menu item "Authorisation and Features". In the field to the right, for both authorisations "public_profile" and "email", select "Request extended access".
•In the sidebar to the left, select "Settings" and its menu item "General". In the field to the right, the "App ID" and the "App Secret Code" can be copied and entered into the respective fields (ID and Secret) on the SEPPmail Secure E-Mail Gateway.
