SSO Tokens

Single Sign-On (SSO) tokens are temporary credentials that can be used to log a user into the platform. The SSO workflow is the following:

Use the API to create a token for the user.
Build an SSO endpoint using the value for the token field in the SSO token object returned by the API request. The format is https://start.IMCO_PLATFORM_DOMAIN/users/sso?token=token. An example would be: https://start.imco.example.net/users/sso?token=agsd6as8a6
Redirect the user/make them visit on their browser the built endpoint

GET /v2/admin/users/:user_id/sso_tokens

It lists the SSO tokens recently generated for a user.

None

An array of SSO tokens, each with the following fields:

Field	Type	Description
id	String	Identifier of the SSO token.
expiration	Time	Time at which the SSO token will cease to be valid for authenticating the user into the platform's UI.
expired	Boolean	Flag indicating whether the SSO token has already expired, that is, it is no longer valid for authenticating the user into the platform's UI.
resource_type	String	An identifier for the type of resource, specifically "sso_token".

POST /v2/admin/users/:user_id/sso_tokens

It generates an SSO token for the user.

None

An SSO token with the following fields:

Field	Type	Description
id	String	Identifier of the SSO token.
token	String	The token to be used as credentials to authenticate the user into the platform's UI.
expiration	Time	Time at which the SSO token will cease to be valid for authenticating the user into the platform's UI.
expired	Boolean	Flag indicating whether the SSO token has already expired, that is, it is no longer valid for authenticating the user into the platform's UI.
resource_type	String	An identifier for the type of resource, specifically "sso_token".

DELETE /v2/admin/sso_tokens/:id

Deletes an SSO token, so that it can no longer be used to log users into the platform's UI.

None

None

Contents