This blog post was first published @ www.fedji.com, included here with permission.
I had left a task unfinished yesterday. When I published my previous post on to my little space in the blogosphere, I kept aside a crucial piece of information. If you haven’t read/viewed my earlier blog on ForgeRock OpenAM Social Authentication (Facebook) Using OAuth2 and don’t know how to configure OAuth2 Authentication Module in ForgeRock OpenAM, I’d request you to first take a look at it.
And now here’s the missing thread: in the last video, we authenticated the OpenAM users against their Facebook Account, but then they had their profile available in the OpenAM Identity Repository as well, which only meant that on Successful Authentication with Facebook, if the users did not have their profile in OpenAM, they were not let in. We take a different stand this time around allowing in even those users without an OpenAM profile, by having OpenAM provision their accounts in its Identity Repository using the attributes returned by Facebook on successful authentication.