Single Sign On Client Implementation
This extension's intent is to give an authorized site (Site A) with a signed in user the ability to direct that user to another authorized site (Site B) without forcing the user to log in again. This portion is strictly for the client implementation of single sign on and is intended for 1st and 2nd party consumers (not 3rd).
OAuth Core 1.0 references and definitions can be viewed : OAuth
Fellowship One OAuth Extension document can be viewed here
Fellowship One OAuth Extension repository can be accessed here
Overview
- Step 1 - Site A goes through the normal authentication process to get an accessToken.
- Step 2 - Site A redirects user to the new api single sign on page with applicationID, accessToken and redirectURL.
Details
- Step 1 - Site A will need a valid accessToken in order to initiate the process. See Authentication for help.
- Step 2 - Site A then redirects the authenticated user (via accessToken) to the Fellowship One Single Sign On (SSO/Index) page passing an applicationID, their accessToken and a redirectURL.
- Ex. redirection: https://demo.fellowshiponeapi.com/v1/SSO/Index?applicationID=6&accessToken=afd011d3-fbd3-4c69-8326-a24fad8d0c34&redirectURL=https://portal.fellowshipone.com/Payment/RDCBatch/Pending.aspx?batch_id=1
- applicationID - This is the ID of the application you wish to send the user to (Site B).
- accessToken - This is the accessToken acquired in step 1.
- redirectURL - This is the exact page you wish to send the user to on Site B's site.
- Ex. redirection: https://demo.fellowshiponeapi.com/v1/SSO/Index?applicationID=6&accessToken=afd011d3-fbd3-4c69-8326-a24fad8d0c34&redirectURL=https://portal.fellowshipone.com/Payment/RDCBatch/Pending.aspx?batch_id=1