Configuring OAuth Using the UI
OAuth in
NSX Advanced Load Balancer
is configured through several steps including setting up the pool, authentication profile, SSO policy, and OAuth settings for the virtual service.To configure OAuth using the UI,
- Configuring the Pool .
- Configuring Authentication Profile.
- Configuring the SSO Policy .
- Configuring the OAuth Settings in the Virtual Services .
Configuring the Pool
Create a Pool with Type as OAuth and configure backend servers as shown below:
- Navigate to .
- ClickCREATE POOLor edit the existing pools.
- Enter the Name of the pool.
- Select theTypeasOauth.

- Configure the pool as required.
- Under theServerstab, enter the details in theSelect Servers Byfield and clickADD.

- ClickSave.
Configuring Authentication Profile
In the Authentication profile, configure the endpoints for OAuth authentication, including authorization and token endpoints. You can either import the endpoints or enter the details manually.
To configure the Authentication Profile,
- Navigate to .
- ClickCREATE.
- Enter the Name and select theTypeasOAuth/OIDC.
- Perform one of the following steps to configure the endpoints:
- To configure and retrieve the endpoints automatically, enter the URL in theImport Endpointsand clickIMPORT.

- To configure the endpoints manually, enter the required details.
- ClickSave.
Configuring SSO Policy
Create an SSO Policy of type OAuth/OIDC as shown below,
- Navigate to .
- ClickCREATE.
- Enter theNameof the SSO Policy.
- SelectOAuth/OIDCas the SSO PolicyType.

- ClickSave.
Configuring the Virtual Service for OAuth
Create a new virtual service or edit an existing one where you want to enable OAuth authentication,
- Navigate to .
- ClickCreateor edit the existing virtual service.
- UnderSettings, select thePoolcreated for OAuth.
- UnderPolicies, click theAccesstab and selectOAuth
- Select the SSO Policy created for OAuth.
- Select the Authentication Profile created for OAuth.
- To limit access to the app, clickAdd Scopesand enter theScope Name.
- Configure the other options as shown below:

- ClickSave.
When configuring OAuth virtual services using the UI, at least one scope needs to be configured. If no scopes are required for the deployment, then configure a placeholder scope in the UI and remove it later using the CLI.