SSO Tokens

Contents

SSO Tokens

Single Sign-On (SSO) tokens are temporary credentials that can be used to log a user into the platform. The SSO workflow is the following:

  1. Use the API to create a token for the user.
  2. Build an SSO endpoint using the value for the token field in the SSO token object returned by the API request. The format is https://start.IMCO_PLATFORM_DOMAIN/users/sso?token=token. An example would be: https://start.imco.example.net/users/sso?token=agsd6as8a6
  3. Redirect the user/make them visit on their browser the built endpoint

List SSO tokens

GET /v2/admin/users/:user_id/sso_tokens

It lists the SSO tokens recently generated for a user.

Inputs

None

Returns

An array of SSO tokens, each with the following fields:

Field Type Description
id String Identifier of the SSO token.
expiration Time Time at which the SSO token will cease to be valid for authenticating the user into the platform's UI.
expired Boolean Flag indicating whether the SSO token has already expired, that is, it is no longer valid for authenticating the user into the platform's UI.
resource_type String An identifier for the type of resource, specifically "sso_token".

Back to top

Create SSO token

POST /v2/admin/users/:user_id/sso_tokens

It generates an SSO token for the user.

Inputs

None

Returns

An SSO token with the following fields:

Field Type Description
id String Identifier of the SSO token.
token String The token to be used as credentials to authenticate the user into the platform's UI.
expiration Time Time at which the SSO token will cease to be valid for authenticating the user into the platform's UI.
expired Boolean Flag indicating whether the SSO token has already expired, that is, it is no longer valid for authenticating the user into the platform's UI.
resource_type String An identifier for the type of resource, specifically "sso_token".

Back to top

Destroy SSO token

DELETE /v2/admin/sso_tokens/:id

Deletes an SSO token, so that it can no longer be used to log users into the platform's UI.

Inputs

None

Returns

None

Back to top