I can offer a set of steps that are known to work with github.
First have the same username on APS as the username present in external oauth2 server to be used for authorisation. Then
1 have an account on the external oauth2 authentication application (e.g. github)
2 if using github navigate to setting on github -> OAuth Apps ->
3 here you can register a new application or use an existing one
4 get client id and client secret from github for the app
5 set Hompage URL: http://localhost:<port>/activiti-app and Authorization callback URL: http://localhost:<port>/activiti-app (both of these should be set same as your APS running instance url)
6 update applicaiton.
7 on APS -> open "activiti-app.properties" file and set following properties
security.oauth2.client.checkToken=http://localhost:9999/oauth/check_token -- this property is commented as we are using external oauth2 provider. this need to set only if you are using an internal authentication server (for e.g. Alfresco oauth 2 server)
8 run APS instance and login as "admin" and create a enterprise user same as present on GIT hub
9 As we have username as email we have to edit the username to match GIT hub username
Note: if you want to authenticate user with enternal_id column in APS database need to set up following:
i - open the database of APS and edit "USERS" table
add user id in "enternal_id" field for the create user and save the changes.
ii - set "security.authentication.use-externalid = true " in "activiti-app.properties" file and re-run the aps instance.