Remote Location Login with IPS - acp-bundle/acp-java GitHub Wiki

The ACP can be connected to different Forum Types in order to sign in through them. This is particularly useful if you want to assign ACP access based on forum user groups. There are 3 basic configuration methods:

  • Only Oauth2
  • OAuth2 plus remote query Script
  • Password login

only Oauth2

Download and install this OAuth2 plugin: https://invisioncommunity.com/files/file/8204-oauth-server/ Then add a new OAuth2 Application in the IPS control panel:

Then set the following values (without the quotes):

  • Application Name: “ACP Authentication” (Doesn’t really matter which name)
  • Redirect URI: “https://<url_to_your_acp>/oauth2.callback”
  • Allowed access scope(s): check “User profile information” and “User primary and secondary groups”

Now log into the ACP with an Account that has access to editing Locations. Go the “Edit Location” and add a new Location with type “IPS”:

You will know see something like this:

Now, perform the following steps:

  1. Delete the line starting with “queryScriptLocation”.
  2. If you want to use collab roles, replace the 0 in “collabId”: “0”, with the collab role you want. If you want to use general user groups, delete that line.
  3. Fill the oauth2data JSON Object with the data from the IPS Application settings
  4. Click on “Change settings” to save your settings.

Done! Please note that the user groups will be loaded on every new login. Every time there is a new Usergroup, you will see an entry in the Location config. If you want to set a user group name, just login with that user group, go back to a user being able to edit the Location, and replace the default User group name.

For instructions how to add user / group access, click here (link to be added).

This method is suggested only for Community Leader login since the user groups cannot be taken away during a session.

With OAuth2 plus remote query Script

First, install the OAuth2 plugin and create a new IPS location as described above, except you don’t need to allow the user group scope in the IPS Application settings. Then do the following:

  1. Change the “queryScriptLocation” path to the php script on your server which you can find here.
  2. If you want to use collab roles, replace the 0 in “collabId”: “0”, with the collab role you want. If you want to use general user groups, delete that line.
  3. Fill the oauth2data JSON Object with the data from the IPS Application settings
  4. Click on “Change settings” to save your settings.

Done! Please note that the user groups will be cached for up to 5 minutes.

For instructions how to add user / group access, click here (link to be added).

This method is suggested for general (Senior/Lead) Admins.

With password login

This method is not suggested in general since the password will go through the ACP in clear text. It is mainly suggested in case you self-host the ACP on your server.