JavaScript API Methods \ Single Sign-On

The following methods can be used with our Single Sign-On service. Single Sign-On automatically signs users in as they browse between multiple and independent websites in your network. The Single Sign-On implementation guide is available here.

Single Sign-On Methods

do_register_sso_session

SSO Feature

This method has to be called on every page and only for users that are already logged in into your website.

Calling this method will set a cookie with the Single Sign-On session token for the user that is currently browsing your website. By doing so the Single Sign-On service will be able to recognize the user when he switches from one of your websites to another. A new sso_session_token can be generated using our API.

Default: no value

	/* 
	Signature 
		<sso_session_token> : string (sso_session_token generated by the OneAll API)
	*/
	_oneall.push(['single_sign_on', 'do_register_sso_session', <sso_session_token>]);


	/* Example */
	_oneall.push(['single_sign_on', 'do_register_sso_session', '98329eba-6ba6-41ff-b8e0-1479ae03e939']);

do_check_for_sso_session

SSO Feature

This method has to be called on every page and only for users that are not logged in into your website. A valid callback uri must be set in order to use this method.

When calling this method the Single Sign-On service will try to recognize the user that is currently browsing your website and redirect him to the callback_uri if an active Single Sign-On session could be found.

In the callback script you can then retrieve the user's details and decide if you want to create a new account for this user or if you want to log him in with an existing account.

	/* 
	Signature 
		- This method accepts no arguments
	*/
	_oneall.push(['single_sign_on', 'do_check_for_sso_session']);

set_callback_uri

SSO Feature

If the Single Sign-On service recognizes a user, he will be redirected to the URL that you have set using this method. In the callback script you can then retrieve the user's details and decide if you want to create a new account for this user or if you want to log him in with an existing account.

Default: no value

	/* 
	Signature 
		<callback_uri> : string (a full URL to a script on your own server)
	*/
	_oneall.push(['single_sign_on', 'set_callback_uri', <callback_uri>]);


	/* Example */
	_oneall.push(['single_sign_on', 'set_callback_uri', 'https://app.oneall.com/sso-auth/']);

	/* Example (Protocol-relative URL) */
	_oneall.push(['single_sign_on', 'set_callback_uri', '//app.oneall.com/sso-auth/']);

set_sso_realm

SSO Feature

By default, users that have logged in on one of your websites will automatically be logged in on all of your websites that are using the Single Sign-On service. By using a realm you change this behavior and subdivide your websites into groups.

Users logging in on a website in a given realm will automatically be logged in when they vist another website that is part the same (or a dependent) realm, but not when visiting a different realm.

	/* 
	Signature 
		<top_realm> : string (primary sso group)
		<sub_realm> : string (secondary sso group)
	*/
	_oneall.push(['single_sign_on', 'set_sso_realm', <top_realm>, <sub_realm>]);

	/* Realm on Domain1 */
	_oneall.push(['single_sign_on', 'set_sso_realm', 'fruits']);

	/* Realm on Domain2 */
	_oneall.push(['single_sign_on', 'set_sso_realm', 'fruits', 'apples']);

	/* Realm on Domain3 */
	_oneall.push(['single_sign_on', 'set_sso_realm', 'fruits', 'oranges']);

	/* Realm on Domain4 */
	_oneall.push(['single_sign_on', 'set_sso_realm', 'vegetables']);


	/* Ruleset */
	/* Users logging in on the realm ['fruits'] will automatically be logged in on the realm ['fruits', 'apples'] or ['fruits', 'oranges'] */

	/* Users logging in on the realm ['fruits', 'apples'] will not be logged in on the realm ['fruits', 'oranges'] */
	/* Users logging in on the realm ['fruits', 'apples'] will be logged in on the realm ['fruits'] */

	/* Users logging in on the realm ['fruits', 'oranges'] will not be logged in on the realm ['fruits', 'apples'] */
	/* Users logging in on the realm ['fruits', 'oranges'] will be logged in on the realm ['fruits'] */

	/* Users logging in on the realm ['vegetables'] will no be logged in on the ['fruits'] realm or any of it's sub-realms */

User Contributed Notes