Editing OAuth account access
For files hosted by FileMaker Server, users can be authenticated via OAuth identity providers such as Amazon, Google, Microsoft Azure AD, or a customizable OAuth identity provider. OAuth account access allows you to control access to your files through third-party identity providers and may allow access to additional security measures, such as multifactor authentication, which requires more than one method of authentication.
To create or edit OAuth identity provider account access:
-
Start editing new or existing account access for an OAuth identity provider user or group in the Manage Security dialog box.
-
For Authenticate via, choose Amazon, Google, Microsoft Azure AD, or Custom OAuth.
For a list of supported customizable OAuth identity providers, see FileMaker platform technical specifications.
-
To grant account access to a user or group, click New. To change an existing account access entry, select the user or group.
-
For Privilege Set, choose, create, or edit a privilege set.
See Creating and editing privilege sets.
The privilege set assigned to this account access determines what the OAuth identity provider user or group can do in the file.
-
To make the account active, select its checkbox.
Make account access inactive, for example, to set up privilege sets before allowing users to sign in.
-
Microsoft Azure AD or custom OAuth: If you grant access to multiple groups or users, you may need to change the priority of account access.
|
To |
Do this |
|
Grant access to a user |
Microsoft Azure AD or custom OAuth: For Group or User, choose User. Enter the User Name for the account defined by the OAuth identity provider. |
|
Grant access to a group |
For Group or User, choose Group. Then enter the Group Name or, for Microsoft Azure AD, the Group Name (Object ID) defined by the OAuth identity provider. |
Notes
-
You'll need to set additional options in Admin Console for FileMaker Server to authenticate users via an OAuth identity provider. See FileMaker Server Help.