Basic Single Sign-On
Introduction to the Uberall Single Sign-On API functionality using Uberall's own token
Table of Contents
The front end user portal can be used by integrating a Single Sign-On solution. This allows end-users to sign in to only one platform and then not have to sign-in to the user portal afterwards. Single Sign-On is achieved by using the API to produce an access_token and then using that token to log the user into the platform.
Requirements
There are two requirements before using the Single Sign-On features:
1- Having access to an API key.
2- Having an existing set of users.
API Key
The API key can be retrieved from the front-end user platform by any admin-level user. This is done by going to the top-right of the screen into the DropDown List with the current user's email address and clicking on API keys. Both the Private Key and the Public Key will be shown.
*These keys are confidential and should not be communicated via email.
User Creation
Before authenticating users with SSO, those users need to already have been created. Manual user creation is explained here. This can also be achieved via API with this call.
***This is only an example and is not the only way to formulate the body of this call. POST https://uberall.com/api/users headers = { "privateKey": $API_KEY, "Content-Type": "application/json" } body = { "role": $USER_ROLE, "salutation": $USER_SALUTATION, "firstname": $USER_FIRSTNAME, "lastname": $USER_LASTNAME, "email": $USER_EMAIL, "features": [$USER_FEATURE_1, $USER_FEATURE_2], "whitelabelInformationIdentifier": $USER_WHITELABEL_IDENTIFIER, "status": $USER_STATUS, "identifier": $USER_IDENTIFIER, "emailSettings": [ { "emailType": "DIGEST", "frequency": $USER_DIGEST_FREQUENCY }, { "emailType": "UNREAD_REVIEW_NOTIFICATION", "frequency": $USER_REVIEW_NOTIFICATION_FREQUENCY } ], "managedBusinesses": [$USER_MANAGED_BUSINESS_1, $USER_MANAGED_BUSINESS_2], "preferredLanguage": $USER_PREFERRED_LANGUAGE }
All the available fields values can be viewed in the full API documentation.
Signing In With The API
There are different methods to authenticate a user and retrieve an acces_token. All these methods use the same API endpoint. The full user authentication API call documentation can be found here.
Note that the access_token has a time to live and expires, so make sure you take this into account in your user provisioning flow.
Email and password combination
Requires the user to have an assigned known password.
Use the following API call to authenticate a user with the email and password combination:
POST https://uberall.com/api/users/login headers = { "Content-Type": "application/json" } body = { "email": $USER_EMAIL, "password": $USER_PASSWORD } response: { "status": "SUCCESS", "response": { "access_token": "USER ACCESS TOKEN HERE" } }
Email and private key combination
Requires the user email address to be known. The user email can be retrieved upon user creation or with this API call.
Use the following API call to authenticate a user with the email and private key combination:
POST https://uberall.com/api/users/login headers = { "privateKey": $API_KEY, "Content-Type": "application/json" } body = { "email": $USER_EMAIL } response: { "status": "SUCCESS", "response": { "access_token": "USER ACCESS TOKEN HERE" } }
User ID and private key combination
Requires the User ID to be known. The User ID can be retrieved upon user creation or with this API call.
Use the following API call to authenticate a user with the User ID and private key combination:
POST https://uberall.com/api/users/login headers = { "privateKey": $API_KEY, "Content-Type": "application/json" } body = { "userId": $USER_ID } response: { "status": "SUCCESS", "response": { "access_token": "USER ACCESS TOKEN HERE" } }
Once the access_token is retrieved, it can be added to the base url for the user portal to authenticate the user:
https://uberall.com/en/app/uberall?access_token=ACCESS_TOKEN_HERE