Single Sign On User Guide
Single Sign On (SSO) is a feature that enables users to be seamlessly logged in to multiple websites under the same organization without having to explicitly log in to each one of them. We provide a set of APIs that can be easily integrated into websites in order to perform SSO with Social Login or traditional Email/Password Login.
How To Implement Single Sign On
A simple scenario with a group of websites implementing SSO is described below.
The first step to implement SSO is to integrate each website with our Social Login, either using our widgets or APIs (Refer to our Social Login User Guide for more information). Note that, for SSO to work properly, all websites must be using the same Login App in the Social ID platform. After each successful login, a connection_id token will be generated (Refer to Social Login Tokens for a complete reference on how our tokens work and all available APIs).
In the backend service, the connection_id must be validated with the GET login/connections/:id REST API. This integration allows the website to receive user profile information and perform the required authentication in a secure manner. This step should be similar to the integration with the GET login/info REST API described in the Social Login User Guide.
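One way a backend could perform this validation, shown as an added example that is not part of the original guide or the provider's own code. Only the login/connections/:id path comes from the guide; the host name, the bearer-style credential, the token character set and the user_id response field are assumptions.

```python
import json
import re
import urllib.error
import urllib.parse
import urllib.request

# Assumptions (not from the guide): base URL, bearer-style API credential,
# token character set, and the "user_id" field in the JSON response.
API_BASE = "https://api.socialid.example"        # placeholder host
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]{8,128}")   # assumed token shape


class InvalidConnection(Exception):
    """Raised whenever the connection_id cannot be confirmed; callers deny login."""


def http_get(url, api_key):
    """Default transport: returns (status, body_bytes)."""
    req = urllib.request.Request(url, headers={"Authorization": "Bearer " + api_key})
    try:
        with urllib.request.urlopen(req, timeout=5) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, b""


def validate_connection(connection_id, api_key, fetch=http_get):
    """Return the profile for connection_id, or raise InvalidConnection."""
    # Reject anything that could alter the request path before building the URL.
    if not isinstance(connection_id, str) or not TOKEN_RE.fullmatch(connection_id):
        raise InvalidConnection("malformed connection_id")
    url = API_BASE + "/login/connections/" + urllib.parse.quote(connection_id, safe="")
    try:
        status, body = fetch(url, api_key)
    except OSError as err:  # network failure: fail closed, never log the user in
        raise InvalidConnection("validation service unreachable") from err
    if status != 200:
        raise InvalidConnection("rejected with HTTP %d" % status)
    try:
        profile = json.loads(body)
    except ValueError as err:
        raise InvalidConnection("unparseable response") from err
    # Trust only identity data returned by the API, never fields sent by the browser.
    if not isinstance(profile, dict) or not profile.get("user_id"):
        raise InvalidConnection("response carries no user identity")
    return profile
```

The website session should be created only from the profile this function returns; any InvalidConnection is treated as a failed login.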
Single Log Out
Another useful SSO use case is Single Log Out, which consists of logging the user out of all websites whenever a logout is detected on one of them.