Reforge OAuth Overview
In this article
- What is OAuth and Why Does Reforge Use It?
- What is Required for OAuth Access?
- Our IT Team Needs to Approve Access to Reforge. What Can I Do?
What is OAuth and Why Does Reforge Use It?
Open Authorization (or OAuth) is a log in protocol allowing a website or application to securely access resources on another website or application. We use OAuth because we've determined it to be a solid balance of security and ease of use.
Reforge only supports logging in via OAuth through 3 methods: Google, LinkedIn, or Microsoft services. We do not support email and password or OpenID options at this time.
What is Required for OAuth Access?
To log in to Reforge we require an email from Google or Microsoft. In lieu of that, we also allow log in via LinkedIn and any email associated with your account there. For some teams, you may need to get clearance from your IT Team to allow list Reforge for logging in. If this is the case, please see below.
Our IT Team Needs to Approve Access to Reforge. What Can I Do?
If you're a plan manager on a team, here's an email template you can fill in and send to your IT department to help speed the process along and enable your team.
If you received a message noting you can't log in due to needing approval, this is indicating to you that your IT or Security department has not properly allow listed Reforge as a 3rd party application to be used with your workspace email and credentials. Your next step would be to reach out to your IT and/or Security department to have Reforge set up to be an accepted 3rd party application.
We've provided some external documentation below for both Google and Microsoft services to help your IT/Security teams enable OAuth.
If your IT requires additional information, please connect them to hello@reforge.com.
Resources for Google OAuth Configuration
Here are some external resources that may be helpful to provide to your IT team(s) to configure OAuth:
Resources for Microsoft OAuth Configuration
Here are some external resources that may be helpful to provide to your IT team(s) to configure OAuth: