Configuring Spotfire Web Clients for OAuth2 with TIBCO Cloud™

To be able to use some functionality that integrates with TIBCO Cloud™ in Spotfire web clients, you must configure your Web Player service by registering it as an OAuth2 client in TIBCO Cloud.

About this task

You must configure your Web Player to use the following functionality:

To use the authentication mode TIBCO Cloud™ Authentication in your Spotfire web clients when connecting to TIBCO Cloud™ Data Streams.
To use external actions with TIBCO Cloud™ Integration (TCI) apps in your Spotfire web clients.

Important: If you have already done the steps described in this article before version 12.0 of Spotfire, and you want to use external actions with TCI apps, you must do the configuration again. The reason is that in earlier versions, the register-as-tibco-cloud-client command did not request the permissions required for accessing TCI.

Configuring the Web Player

Procedure

On the computer that runs Spotfire Server, open a command-line interface. (See also Executing commands on the command line.)
To create an OAuth2 client registration in TIBCO Cloud, and get registration information, run the command register-as-tibco-cloud-client.
Make sure you create your client registration in the TIBCO Cloud region where you have your subscriptions. The following are sample commands for the different regions:
AWS - United States
```
register-as-tibco-cloud-client -Cinfo@example.com
```
AWS - Europe
```
register-as-tibco-cloud-client -Cinfo@example.com --tibco-cloud-hostname=eu.account.cloud.tibco.com
```
AWS - Australia
```
register-as-tibco-cloud-client -Cinfo@example.com --tibco-cloud-hostname=au.account.cloud.tibco.com
```
Microsoft Azure - United States
```
register-as-tibco-cloud-client -Cinfo@example.com --tibco-cloud-hostname=account.us.azure.cloud.tibco.com
```
Note down the registration information that you receive after running the command.
Also on the computer that runs Spotfire Server, export the Spotfire.Dxp.Worker.Host.exe.config file (Spotfire.Dxp.Worker.Host.dll.config file for services installations on Linux). See the instructions in the topic Manually editing the service configuration files.
Then add the registration information to the Spotfire.Dxp.Worker.Host.exe.config/ Spotfire.Dxp.Worker.Host.dll.config file in the <Spotfire.Dxp.Data.Access.Adapters.Settings> settings. There, you must add them to the OAuth2ClientRegistration setting under <registrations>.
```
<Spotfire.Dxp.Data.Access.Adapters.Settings>
  <setting name="OAuth2ClientRegistrations" serializeAs="Xml">
    <value>
      <registrations>
        <registration issuer="My issuer">
          <client-information>My registration information</client-information>
        </registration>
      </registrations>
    </value>
  </setting>
</Spotfire.Dxp.Data.Access.Adapters.Settings>
```
Note: The issuer that issues OAuth2 access tokens differs for each TIBCO Cloud region. Therefore, you must add the registration information to the configuration for each region where you have registered the Web Player. Your Web Player can be registered in multiple regions at the same time. In this case, you have several <registration issuer="My issuer"> entries and their corresponding <client-information> under the OAuth2ClientRegistrations setting.