How to create a link for users auto-login

[tab:Actions]

In some cases it may be necessary to perform login to THRON platform without using user credentials (username and password); it is the case for example of an external partner or a freelancer who must use THRON services but who you do not want to provide with credentials. In this case you can simply allow him to use the token of an active session which can be invalidated after use.

 

Requirements

 

First you need to obtain a valid session token. To do so you can use the service login of identitymanager which is located within xsso. Using  the proper parameters such as the username and password of a registered user, the service will return a valid tokenId which can be used to connect to the platform without typing the credentials.

 

How to log in using a valid tokenId

 

Once a valid tokenId has been generated, it can be used to connect to the platform by simply hanging it it at the end of the login url, like this:

 

//<clientId>.thron.com/#/login/<tokenId>

 

You can even place a redirect in the auto-login url, in order to point the user to a specific page in case the login fails. You have to use this expression:

 

//<clientId>.thron.com/#/login/<tokenId>>www.thron.com

How to invalidate token after use

 

Once collaboration within the platform is over, it may be necessary to invalidate the token, in order to avoid subsequent or unwanted accesses. To do this, you simply have to invoke the logout service of identitymanager, which is located within xsso, using the tokenId as a parameter within the request. From that point on, that specific token can no longer be used to connect to the platform.

[/tab] [tab:Code Samples]

You can test involved web services in the developer portal at the following links:

[/tab]

Was this article helpful?
0 out of 0 found this helpful

Have any question?

Open a ticket
Comments