OAuth 2.0 authentication for webhook connectors
OAuth 2.0 is now available for webhook connectors to provide simple, consistent, and secure authentication.
To configure OAuth 2.0 for a webhook connector:
- Go to Fabric View > Fabric > Connectors, and click Create New.
- Under the ITSM category, click Generic Connector.
You can also configure OAuth 2.0 authentication for an existing webhook connector by selecting the connector and clicking Edit.
- Configure the following properties:
Name
Type a name for the connector.
Description
(Optional) Type a description for the connector.
Protocol
Select the protocol FortiAnalyzer uses to communicate with the external platform.
Port
Type the port FortiAnalyzer uses to communicate with the external platform.
Method
Title
Type a title for the connector.
URL
Type the URL of the external platform.
Enable HTTP Authentication
Set HTTP authentication to ON.
Auth Type
Select OAuth2.
Authorization Server
Type the URL of the token service. The token service must be publicly available.
Auth Client ID
Type the client ID from the token service.
Auth Client Secret
Type the client secret from the token service.
Status
Set status to ON to enable the fabric connector.
- Click OK.
Backend OAuth 2.0 libraries in FortiAnalyzer connect to the token service and authenticate with the provided client ID and client secret. When authentication is successful, FortiAnalyzer receives a token with a TTL and scope attached to it. FortiAnalyzer will use this token for all webhook connections to the token service until TTL expires.