Security News
Astral Launches pyx: A Python-Native Package Registry
Astral unveils pyx, a Python-native package registry in beta, designed to speed installs, enhance security, and integrate deeply with uv.
By Sarah Gooding - Aug 13, 2025
omniauth-tipalti
OmniAuth Tipalti
Strategy to authenticate with Tipalti via OAuth2 in OmniAuth.
Installation
Add to your Gemfile:
gem 'omniauth-tipalti'
Then bundle install.
Tipalti Setup
Visit the Tipalti Developer portal and create your developer application.
Make note of your Client ID and Client Secret.
Make sure you set your Return URL to the full path to your application.
Usage
For additional information, refer to the OmniAuth wiki.
Rails
Standard
Here's an example for adding the middleware to a Rails app in config/initializers/omniauth.rb:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :tipalti,
ENV['TIPALTI_CLIENT_ID'],
ENV['TIPALTI_CLIENT_SECRET'],
redirect_uri: Rails.application.routes.url_helpers.my_integration_response_url
end
You can now access the OmniAuth Tipalti OAuth2 URL: /auth/tipalti
If you are using a Tipalti sandbox applicaiton, you can optionally set the site:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :tipalti,
...
client_options: {
site: ' https://sso.sandbox.tipalti.com',
},
...
end
Dynamic
If your Rails application needs to support multiple Tipalti applications, you can pass in your configuration dynamically:
Rails.application.config.middleware.use OmniAuth::Builder do
TIPALTI_SETUP_PROC = lambda do |env|
request = Rack::Request.new(env)
# Load dynamic content into dynamic_content
env['omniauth.strategy'].options[:client_id] = dynamic_content.client_id
env['omniauth.strategy'].options[:client_secret] = dynamic_content.client_secret
end
provider :tipalti,
redirect_uri: Rails.application.routes.url_helpers.my_integration_response_url
setup: TIPALTI_SETUP_PROC
end
Configuration
You can configure several options, which you pass in to the provider method via a hash:
-
scope: A space-separated list of permissions you want to request from the user. -
redirect_uri: Override the redirect_uri used by the gem. Note this must match exactly what you specified in the WhoPlusYou Developer Portal in your Client Domains setting.
License
Copyright (C) 2023 Jordan Ell. See LICENSE for details.
FAQs
Unknown package
We found that omniauth-tipalti demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 14 May 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Static vs. Runtime Reachability: Insights from Latio’s On the Record Podcast
The Latio podcast explores how static and runtime reachability help teams prioritize exploitable vulnerabilities and streamline AppSec workflows.
By Sarah Gooding - Aug 13, 2025
Security News
Opengrep Adds Apex Support and New Rule Controls in Latest Updates
The latest Opengrep releases add Apex scanning, precision rule tuning, and performance gains for open source static code analysis.
By Sarah Gooding - Aug 12, 2025