All users in Tribal Habits must be 'authenticated'. This means that each user must log in using unique credentials and a password.
Users can log in to Tribal Habits via three methods:
Via the standard Tribal Habits login page. This requires the user to enter either their username or email and then a password stored in your Tribal Habits platform.
Via SAML 2.0 Single-Sign-On. This redirects the user to your SSO platform where they enter their standard SSO credentials and are then redirected back to your Tribal Habits platform as an authenticated user.
Via a custom OAuth2 authentication process.
This article discusses the OAuth2 authentication method.
NOTE: OAuth2 authentication is not a standard inclusion in any Tribal Habits plan. It requires a small amount of custom development by our team and does involve a once-off set-up cost. The process is not complicated, but the open-source nature of OAuth2 means that some testing may be required by both teams to finalise the process.
What is OAuth2?
OAuth 2.0 is an industry-standard protocol for authorisation. Essentially, OAuth 2.0 is a security standard where you give one application permission to access data in another application.
In practical terms at Tribal Habits, OAuth2 is typically utilised when you have an existing platform of your own, which your users already log into (and so have a password in your platform), and you would like to have your users log into Tribal Habits using the same password. This avoids asking your users to create another set of credentials and log into a separate platform.
Note that OAuth2 is not the same as SAML 2.0 Single-Sign-On. These are different standards (which are often confused).
Note that this is not an 'integration'. User data is not synced between the two platforms. OAuth2 is about 'authentication': allowing your users to access Tribal Habits with your platform's credentials. If you need to sync user data between platforms, then you would require one of our managed integrations.
How does OAuth2 handle logins?
When OAuth2 is enabled in your Tribal Habits platform, your users can log into Tribal Habits using their credentials in your platform.
If your user is already logged into your platform, then when they access Tribal Habits, they will be automatically logged into Tribal Habits and will not see our login page.
If your user is not logged into your platform, then when they attempt to access Tribal Habits, they will see a new button to 'Login via [your platform]'. That button will redirect them to the login page on your platform, allow them to log in to your platform and then redirect them back to Tribal Habits as an authenticated user.
Here's an example, where Okta is used to provide the OAuth2 login process.
How do we enable OAuth2 in our Tribal Habits platform?
Please contact our support team to discuss your OAuth2 requirements. Our team can review your platform's technical capabilities and advise on the process.
Generally speaking, we follow the OAuth2 Simplified approach. We have created OAuth2 processes for a range of organisations with custom platforms of their own, as well as for popular website CRMs like WordPress.
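The redirect to your platform and back, described under 'How does OAuth2 handle logins?', sketched as an added example that is not Tribal Habits' own code. It assumes the OAuth 2.0 authorization code grant with PKCE; the URLs, client ID and the dict used as a session store are hypothetical.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Hypothetical values: the article gives no endpoints or client identifiers.
AUTHORIZE_URL = "https://login.customer.example/oauth2/authorize"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://learning.example/oauth2/callback"


def begin_login(session):
    """Build the URL that redirects the browser to the customer platform's login."""
    state = secrets.token_urlsafe(32)     # ties the callback to this browser session
    verifier = secrets.token_urlsafe(64)  # PKCE secret, kept server-side in the session
    challenge = base64.urlsafe_b64encode(
        hashlib.sha256(verifier.encode()).digest()).rstrip(b"=").decode()
    session["oauth_state"], session["pkce_verifier"] = state, verifier
    return AUTHORIZE_URL + "?" + urlencode({
        "response_type": "code", "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI, "state": state,
        "code_challenge": challenge, "code_challenge_method": "S256"})


def handle_callback(session, callback_url):
    """Check the redirect back and return the fields for the token request."""
    params = {k: v[0] for k, v in parse_qs(urlparse(callback_url).query).items()}
    # Both values are single use: pop them so a replayed callback fails.
    expected = session.pop("oauth_state", None)
    verifier = session.pop("pkce_verifier", None)
    if "error" in params:
        raise ValueError("authorization failed: " + params["error"])
    supplied = params.get("state", "")
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        raise ValueError("state mismatch: callback does not belong to this session")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return {"grant_type": "authorization_code", "code": params["code"],
            "redirect_uri": REDIRECT_URI, "client_id": CLIENT_ID,
            "code_verifier": verifier}


if __name__ == "__main__":
    session = {}  # stand-in for a server-side session store
    print(begin_login(session))
    # Constructed callback, as the customer platform would redirect back.
    cb = REDIRECT_URI + "?" + urlencode({"code": "sample-code", "state": session["oauth_state"]})
    print(handle_callback(session, cb))
```

The returned fields are what the relying side would post to the token endpoint; a callback whose `state` does not match the stored value is rejected before any code is exchanged.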