Yahoo social identity provider
Social authentication is deprecated and will be removed in a future release of IDM. For more information, refer to Deprecation. |
Set up Yahoo
To set up Yahoo as a social identity provider, navigate to the following page: Yahoo OAuth 2.0 Guide. You’ll need a Yahoo account. You can then navigate to the Create an App page, where you can follow the Yahoo process to create a new web application with the following information:
-
Application Name
-
Web Application
-
Callback Domain, such as
openidm.example.com
; required for IDM -
API Permissions; for whatever you select, choose Read/Write. IDM only reads Yahoo user information.
When complete and saved, you should see a Client ID
and Client Secret
for your new web app.
Yahoo supports URLs using only HTTPS, only on port 443. For more information on how to configure IDM to use these ports, refer to Host and port information. |
Configure Yahoo as a social identity provider
To configure a Yahoo social identity provider using the admin UI:
-
From the navigation bar, click Configure > Social ID Providers.
-
On the Social Identity Providers page, enable Yahoo.
-
In the Yahoo Provider window, enter applicable values in the fields, and click Save. For a complete list of fields, refer to Yahoo Social Identity Provider Configuration Details.
After you save the social identity provider configuration, IDM generates a conf/identityProvider-yahoo.json
file:
{
"provider" : "yahoo",
"scope" : [
"openid",
"sdpp-w"
],
"uiConfig" : {
"iconBackground" : "#7B0099",
"iconClass" : "fa-yahoo",
"iconFontColor" : "white",
"buttonClass" : "fa-yahoo",
"buttonDisplayName" : "Yahoo",
"buttonCustomStyle" : "background-color: #7B0099; border-color: #7B0099; color:white;",
"buttonCustomStyleHover" : "background-color: #7B0099; border-color: #7B0099; color:white;"
},
The next part of the file includes schema
information, which includes properties for each social identity account, as collected by IDM, as well as the order in which it appears in the admin UI. When you’ve registered a user with a Yahoo social identity, you can verify this by selecting Manage > Yahoo, and then selecting a user.
Next, there’s the part of the file that you may have configured through the admin UI, plus additional information on the redirectUri
, the configClass
, and the authenticationIdKey
:
"authorizationEndpoint" : "https://api.login.yahoo.com/oauth2/request_auth",
"tokenEndpoint" : "https://api.login.yahoo.com/oauth2/get_token",
"wellKnownEndpoint" : "https://api.login.yahoo.com/.well-known/openid-configuration",
"issuer" : "https://api.login.yahoo.com",
"clientId" : "<Client_ID_Name>",
"clientSecret" : {encrypted-client-secret},
"authenticationIdKey" : "sub",
"redirectUri" : "https://openidm.example.com/",
"basicAuth" : false,
"configClass" : "org.forgerock.oauth.clients.oidc.OpenIDConnectClientConfiguration",
"enabled" : true
If you need more information about the properties in this file, refer to the following appendix: Yahoo Social Identity Provider Configuration Details.
Configure user registration to link to Yahoo
Once you’ve configured the Yahoo social identity provider, you can activate it through User Registration. To do so in the admin UI, select Configure > User Registration, and activate that feature. Under the Social tab that appears, enable Social Registration. For more information on IDM user self-service features, refer to Self-service end user UI.
When you enable Social Registration, you’re allowing users to register on IDM through all active social identity providers.
Yahoo social identity provider configuration details
You can set up the Yahoo social identity provider through the admin UI or in a conf/identityProvider-yahoo.json
file. IDM generates the identityProvider-yahoo.json
file when you configure and enable this social identity provider in the admin UI. Alternatively, you can create the file manually.
The following table includes the information shown in the admin UI Yahoo Provider pop-up window, along with associated information in the identityProvider-yahoo.json
file.
Yahoo supports URLs using only HTTPS, only on port 443. For more information on how to configure IDM to use these ports, refer to Host and port information. |
Property (UI) | Property (JSON file) | Description |
---|---|---|
Client ID |
|
The client identifier for your Yahoo App. |
Client Secret |
|
Used with the Client ID to access the applicable Yahoo API. |
Scope |
|
An array of strings that allows access to user data. |
Authorization Endpoint |
|
Typically, |
Token Endpoint |
|
Endpoint that receives a one-time authorization code, and returns an access token. Typically, |
Well-Known Endpoint |
|
Access for other URIs. Typically, |
Issuer |
|
The token issuer. Typically, |
Not in the admin UI |
|
Name of the social identity provider. |
Not in the admin UI |
|
Configuration class for the authentication module. |
Not in the admin UI |
|
Whether to use basic authentication. |
Not in the admin UI |
|
Mapping between Yahoo and IDM. |
For information on social identity provider buttons and badges, refer to Social identity provider button and badge properties.