SSO

Tendenci has an oAuth2 client built in that you can use to set up single sign-on (SSO) for your tendenci site. To enable the oAuth2 client, follow these 3 steps:

1. Add oauth2_client to the INSTALLED_APPS in your conf/settings.py:

INSTALLED_APPS += ['tendenci.apps.oauth2_client',]

2. Add oauth2 urls to the urlpatterns list in your conf/urls.py (you can change the url path):

urlpatterns = pre_urlpatterns + [

    #url(r'^', include('example_app.urls')),
    url(r'^oauth2/', include('tendenci.apps.oauth2_client.urls')),
] + post_urlpatterns

3. Set up these settings in your conf/settings.py (adjust yours accordingly):

AUTHENTICATION_BACKENDS = ['tendenci.apps.oauth2_client.backends.AuthenticationBackend'] + AUTHENTICATION_BACKENDS

OAUTH2_REMOTE_APP_NAME = 'example'
OAUTH2_CLIENT_ID = 'Example Client ID'
OAUTH2_CLIENT_SECRET = 'Example Client Secret'
OAUTH2_ACCESS_TOKEN_URL = 'https://www.example.com/oauth2/token'
OAUTH2_ACCESS_TOKEN_PARAMS = None
OAUTH2_AUTHORIZE_URL = 'https://www.example.com/oauth2/authorize'
OAUTH2_AUTHORIZE_PARAMS = None
OAUTH2_API_BASE_URL = 'https://www.example.com/'
OAUTH2_USERINFO_ENDPOINT = 'https://www.example.com/oauth2/userInfo'
OAUTH2_LOGOUT_REDIRECT_URL = 'https://www.example.com/logout'
OAUTH2_CLIENT_KWARGS = {
'scope': 'openid profile',
'token_endpoint_auth_method': 'client_secret_basic',
        'token_placement': 'header',
}
OAUTH2_USER_ATTR_MAPPING={
'username': 'email',
'email': 'email',
'first_name': 'given_name',
'last_name': 'family_name'
}

For the OAUTH2_USER_ATTR_MAPPING setting, you can add more fields like phone, address, city, state, zipcode, country