Connections

Connections define how users can authenticate. Configure social logins, enterprise SSO, and passwordless options.

Connection Types

Social Connections

Google

1. Go to Google Cloud Console (opens in a new tab)
2. Create OAuth 2.0 credentials
3. Add redirect URI: https://id.optare.one/oauth/callback/google
4. In Optare Console, add Google connection with Client ID and Secret

GitHub

1. Go to GitHub Developer Settings (opens in a new tab)
2. Create a new OAuth App
3. Set callback URL: https://id.optare.one/oauth/callback/github
4. Add to Optare with Client ID and Secret

Microsoft / Azure AD

1. Go to Azure Portal (opens in a new tab)
2. Register an application in Azure AD
3. Set redirect URI: https://id.optare.one/oauth/callback/microsoft
4. Configure in Optare

Enterprise SSO (SAML)

For organizations with existing identity providers.

Configuration

1. Go to Settings → Enterprise SSO
2. Enable SAML
3. Enter IdP details:

SP Details (give to IdP)

Common IdPs

• Okta: Configure SAML in Connections
• Azure AD: Configure SAML/OIDC in Connections
• OneLogin: Configure SAML in Connections

Passwordless

Magic Link

Email a one-time login link.

Enable:

1. Go to Connections → Passwordless
2. Enable Magic Link
3. Configure email template

User Flow:

1. User enters email
2. Optare sends magic link
3. User clicks link
4. User is logged in

SMS OTP

Send a one-time code via SMS (requires Twilio).

Configuration:

1. Add Twilio credentials
2. Enable SMS Connection
3. Configure template

Connection Rules

Domain-Based Routing

Route users to specific connections based on email domain:

Priority

Set connection priority for login page:

1. Enterprise SSO (if domain matches)
2. Social logins
3. Email/Password

Next Steps

• Tenant Settings - Authentication policies
• Connections Setup - Detailed connection setup
• Branding - Customize login page