Authenticating with standard OAuth

When you have the Jive for iOS or Jive for Android add-on installed through the Jive Add-ons interface, standard OAuth is the default configuration.

In previous versions, Jive used basic auth as an authentication option for mobile apps. As of Jive 7, we use OAuth2 with the username/password grant. When users enter a username and password on the mobile device, all subsequent API calls go through OAuth instead of basic auth. This authentication method is much more secure because the username and password are never stored on the mobile device.

  1. Under your name or avatar, select Add-Ons.

  2. Make sure the Jive Mobile for iOS or Jive Mobile for Android add-on is installed and enabled. If you are using an on-premise version earlier than 7.0.1, or your instance isn't connected to the Internet, you may need to contact Jive Support to install this add-on.

  3. Next to the app listing, click the gear icon and select Settings. Then click Advanced.

  4. If necessary, adjust the Access Token and Refresh Token timeout settings. The default settings are 48 hours for the Access Token and 15 years for the Refresh Token.

You can also choose to extend users’ OAuth access tokens based on continued activity. By default, users will be required to re-authenticate after 15 minutes of inactivity on the device. The activity-based OAuth method works like a very basic application lock.

To set up activity-based OAuth:

  1. Set the Refresh Token to time out earlier than the Access Token, which ensures that the Access Token is not refreshed before the Refresh Token has expired.

  2. During the configuration, set the Access Token and Refresh Token timeout settings to very short intervals. The Refresh Token timeout setting should be at least 1 minute shorter than the Access Token timeout setting.

  3. Select Automatically extend access token expiration upon activity.
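A simplified model of how these timeouts interact, added here as an example and not taken from Jive's code or documentation. It assumes that each API call extends the access token to the current time plus the Access Token timeout, that the Refresh Token lifetime runs from login, and that the client refreshes silently whenever the Refresh Token is still valid. `TokenPolicy`, `check_activity_policy` and `first_reauth` are hypothetical names, and all times are in minutes.

```python
from dataclasses import dataclass


@dataclass
class TokenPolicy:
    access_timeout: int       # Access Token timeout, minutes
    refresh_timeout: int      # Refresh Token timeout, minutes
    extend_on_activity: bool  # "Automatically extend access token expiration upon activity"


def check_activity_policy(p):
    """List the ways a policy departs from the activity-based setup steps."""
    problems = []
    if not p.extend_on_activity:
        problems.append("extension upon activity is not selected")
    if p.refresh_timeout > p.access_timeout - 1:
        problems.append("Refresh Token timeout is not at least 1 minute "
                        "shorter than the Access Token timeout")
    return problems


def first_reauth(p, login, activity):
    """Return the minute at which the user must re-enter credentials, or None.

    Assumed model: activity extends a live access token; an expired access
    token is silently replaced if the refresh token (fixed lifetime from
    login) is still valid; otherwise the user is sent back to the login form.
    """
    access_exp = login + p.access_timeout
    refresh_exp = login + p.refresh_timeout
    for t in sorted(activity):
        if t >= access_exp:                  # access token has expired
            if t >= refresh_exp:             # nothing left to refresh with
                return t
            access_exp = t + p.access_timeout    # silent refresh, no prompt
        elif p.extend_on_activity:
            access_exp = t + p.access_timeout    # sliding expiry on activity
    return None


if __name__ == "__main__":
    # Constructed sample timelines (minutes since login).
    strict = TokenPolicy(15, 14, True)   # follows the steps above
    loose = TokenPolicy(15, 60, True)    # refresh token outlives access token
    print(first_reauth(strict, 0, [5, 15, 25, 41]))  # idle 16 min before 41
    print(first_reauth(loose, 0, [5, 30]), check_activity_policy(loose))
```

With the refresh token outliving the access token, the 25-minute idle gap in the second timeline is bridged by a silent refresh, so the inactivity lock never triggers.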

If you also have SAML SSO enabled on the instance, and you prefer to use OAuth rather than SAML for mobile authentication only, refer to Forced OAuth for mobile only. If you want mobile users to authenticate through SAML SSO, but you prefer different timeout settings for mobile devices, see First-time only authentication with SAML.