Security News
Researcher Exposes Zero-Day Clickjacking Vulnerabilities in Major Password Managers
Hacker Demonstrates How Easy It Is To Steal Data From Popular Password Managers
By Jonathan Leitschuh - Aug 19, 2025
omniauth-tipalti
OmniAuth Tipalti
Strategy to authenticate with Tipalti via OAuth2 in OmniAuth.
Installation
Add to your Gemfile:
gem 'omniauth-tipalti'
Then bundle install.
Tipalti Setup
Visit the Tipalti Developer portal and create your developer application.
Make note of your Client ID and Client Secret.
Make sure you set your Return URL to the full path to your application.
Usage
For additional information, refer to the OmniAuth wiki.
Rails
Standard
Here's an example for adding the middleware to a Rails app in config/initializers/omniauth.rb:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :tipalti,
ENV['TIPALTI_CLIENT_ID'],
ENV['TIPALTI_CLIENT_SECRET'],
redirect_uri: Rails.application.routes.url_helpers.my_integration_response_url
end
You can now access the OmniAuth Tipalti OAuth2 URL: /auth/tipalti
If you are using a Tipalti sandbox applicaiton, you can optionally set the site:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :tipalti,
...
client_options: {
site: ' https://sso.sandbox.tipalti.com',
},
...
end
Dynamic
If your Rails application needs to support multiple Tipalti applications, you can pass in your configuration dynamically:
Rails.application.config.middleware.use OmniAuth::Builder do
TIPALTI_SETUP_PROC = lambda do |env|
request = Rack::Request.new(env)
# Load dynamic content into dynamic_content
env['omniauth.strategy'].options[:client_id] = dynamic_content.client_id
env['omniauth.strategy'].options[:client_secret] = dynamic_content.client_secret
end
provider :tipalti,
redirect_uri: Rails.application.routes.url_helpers.my_integration_response_url
setup: TIPALTI_SETUP_PROC
end
Configuration
You can configure several options, which you pass in to the provider method via a hash:
-
scope: A space-separated list of permissions you want to request from the user. -
redirect_uri: Override the redirect_uri used by the gem. Note this must match exactly what you specified in the WhoPlusYou Developer Portal in your Client Domains setting.
License
Copyright (C) 2023 Jordan Ell. See LICENSE for details.
FAQs
Unknown package
We found that omniauth-tipalti demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 14 May 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Oxlint Introduces Type-Aware Linting Preview
Oxlint’s new preview brings type-aware linting powered by typescript-go, combining advanced TypeScript rules with native-speed performance.
By Sarah Gooding - Aug 18, 2025
Security News
New Website “Is It Really FOSS?” Tracks Transparency in Open Source Distribution Models
A new site reviews software projects to reveal if they’re truly FOSS, making complex licensing and distribution models easy to understand.
By Sarah Gooding - Aug 15, 2025