Admin Site to External App
Generate an encrypted token you can add to an Admin site (Corporate Admin, Web Office Admin, and eCommerce Admin) navigation link. The links/tokens generate within the security scope of a logged-in Admin user. When the user clicks the link, the target website confirms the token using this method. When successful, the method returns the user's information indicating the token belongs to them.
Endpoint: Get Admin User for SSO Token
Request URL: https://dsapi.directscale.com/v1/sso/admin/token/{token}
You can add the SSO link to any Admin site navigation using Custom Admin Pages. You must include the {DirectScale:AdminToken}
variable in the URL using the in the token
parameter. For example, https://www.company.com/admin?token={DirectScale:AdminToken}
⚠️Important
The token remains valid for ONE MINUTE.
❗️Warning
For security purposes, do this process in the back-end, not with JavaScript in the browser.
Sign-in Process
A logged-in Admin user clicks the SSO link. This calls the DirectScale server and generates a link to the external app with a short-lived token substituted in the URL. The browser then redirects to the external app with the DirectScale token added to the URL. The external app calls the DirectScale API to get the Admin user information from the token.
The external app returns its page to the Admin with the session established.
Updated over 3 years ago