How to create a link for users auto-login

Business Case:

KPI to be measured

Bookmark this resource Follow

Ask a question

Was this article helpful? 1 out of 1 found this helpful


In some cases it may be necessary to perform login to THRON platform without using user credentials (username and password); it is the case for example of an external partner or a freelancer who must use THRON services but who you do not want to provide with credentials. In this case you can simply allow him to use the token of an active session which can be invalidated after use.




First you need to obtain a valid session token. To do so you can use the service login of identitymanager which is located within xsso. Using  the proper parameters such as the username and password of a registered user, the service will return a valid tokenId which can be used to connect to the platform without typing the credentials.


How to log in using a valid tokenId


Once a valid tokenId has been generated, it can be used to connect to the platform by simply hanging it it at the end of the login url, like this:




You can even place a redirect in the auto-login url, in order to point the user to a specific page in case the login fails. You have to use this expression:



How to invalidate token after use


Once collaboration within the platform is over, it may be necessary to invalidate the token, in order to avoid subsequent or unwanted accesses. To do this, you simply have to invoke the logout service of identitymanager, which is located within xsso, using the tokenId as a parameter within the request. From that point on, that specific token can no longer be used to connect to the platform.

[/tab] [tab:Code Samples]

You can test involved web services in the developer portal at the following links:


Was this article helpful?
1 out of 1 found this helpful

Have any question?

Open a ticket