Setup Instructions for Social Enabler and the Social Business Toolkit

As requested from several people here are some instructions for how to set up the Social Enabler. I wrote earlier a 50 pages documentation. However I’ve heard some people consider it too long and it doesn’t tell readers easily how to get started. So let me try it again.

You need to put XPagesSBT.nsf and WebSecurityStore.nsf into your Domino data directory and sign them as always. Some samples like the Connections samples that work against the Connections instance deployed on the Lotus Greenhouse work directly. Most of the other samples however don’t because some configuration needs to be done first. For all samples that use OAuth (SBT, Dropbox, LotusLive, Twitter) application keys need to be obtained and then put in the security store. Here is how to do this for the Social Business Toolkit.

You need to register a new application on Greenhouse.

Then you need to find out the URLs of the REST services endpoints. For the SBT this can be found in the Wiki.

Next you need to open KeysApplications.xsp, create a new application key document and define the keys of the application and the URLs.

Here is the data as text so that you can copy and paste.
XPagesSBT
Greenhouse
https://greenhouse.lotus.com:443/vulcan/security/provider/requestToken
https://greenhouse.lotus.com:443/vulcan/security/provider/authorize
https://greenhouse.lotus.com:443/vulcan/security/provider/accessToken

For the SBT the secret key is only one string without spaces (little bit confusing from the UI – see above).

In order to test the SBT I use the embedded experience and the API test application.

Additionally there are a couple of security related settings which are important to understand. First of all you need to assign access to the document with the application keys to the ID with which you signed the two NSFs. In the screenshot above I’ve entered both OpenNTF servers and my own user ID. When you use the web UI to do this these names are added to the document in an authors field and a readers field.

In the last step you need to configure the ACL of the security store. Anonymous must not have access to this database. All users who you want to be able to use the Social Enabler OAuth functionality need to have author access. This is so that their user keys can be stored in this database so that they only have to do the OAuth dance once.