Using an OAuth identity provider to authenticate FileMaker clients (FileMaker Server only)

FileMaker Pro allows solutions to authenticate user accounts via third-party OAuth identity providers that have been specified in FileMaker Server.

To set up authentication by an OAuth identity provider:

  1. Click the Administration > External Authentication tab.

  2. For Predefined Identity Provider (IdP) Authentication Settings or Custom IdP Authentication Settings, configure an OAuth identity provider:

    • For Amazon and Google: Enter the client ID and client secret, then click Save Authentication Settings to save the provider's configuration.

    • For Microsoft: Enter the application ID, key, and directory ID, then click Save Authentication Settings to save the provider's configuration.

    • For Apple: Enter the service ID and client secret, then click Save Authentication Settings to save the provider's configuration.

    • For AD FS: Enter the application ID, application secret, and server host, then click Save Authentication Settings to save the provider's configuration.

    • For Custom OAuth: Enter the custom name, client ID, client secret, authorization code endpoint, authorization token endpoint, authorization profile endpoint, icon endpoint, user account schema, user group schema, and scope, then click Save Authentication Settings to save the provider's configuration.

  3. For Database Sign In, set External Server Accounts to Enabled.

  4. Enable the OAuth identity provider you want to use for authenticating FileMaker clients.

To remove OAuth identity providers:

  1. Click the Administration > External Authentication tab.

  2. Set the OAuth identity providers you want to remove to Disabled.

  3. If you no longer want to support external authentication for database login, set External Server Accounts to Disabled.

Notes 

  • For information about creating OAuth identity provider accounts, see Claris Pro and FileMaker Pro Help.

  • Clients who use OAuth identity provider accounts should use the server's fully qualified domain name when opening a file hosted by FileMaker Server.

  • Admin Console does not validate or verify the OAuth identity provider values. Clients may see unexpected results if the identity providers are not set up correctly.