JavaScript API Methods \ Single Sign-On

Automatically sign users in as they browse between multiple and independent websites in your eco-system or among partner sites. Share user data between multiple websites on different domains and take away the need for your users to register new accounts or re-enter their authentication credentials on each of your websites.

The Single Sign-On implementation guide is available here.

do_register_sso_session

This method has to be called on every page and only for users that are logged in into your website.

Calling this method will set a cookie with the Single Sign-On session token for the user that is currently browsing your website. By doing so the Single Sign-On service will be able to recognize the user when he switches from one of your websites to another. A new sso_session_token can be generated using our API. 

    // Registers a new Single Sign-On session for the current user. 
    _oneall.push(['single_sign_on', 'do_register_sso_session', <sso_session_token>, <force_cookie>]);
    
    /*
      <sso_session_token> : string, required 
      The value must be a sso_session_token generated by the OneAll API.
         
      <force_cookie> : boolean, optional, defaults to false 
      Per default the cookie is set only once. Set to true to set the cookie on each pageview.    
     */

do_check_for_sso_session

This method has to be called on every page and only for users that are not logged in into your website.

When calling this method, Single Sign-On will try to recognize the person that is currently browsing your website and redirect that user to the specified callback_uri if there is an active Single Sign-On session. 

    // Checks if the user has a Single Sign-On cookie and redirects him to the callback uri if it's the case.
    _oneall.push(['single_sign_on', 'do_check_for_sso_session', <callback_uri>, <relogin_same_domain>]);
        
    /* 
      <callback_uri> : string, required
      A full URL to the callback script on your server.
    
      <relogin_same_domain> : boolean, optional, defaults to true
      Set to false to redirect the user only once per domain.
    */

do_event_for_sso_session

When calling this method, Single Sign-On will try to recognize the person that is currently browsing your website and launch the given function if there is an active Single Sign-On session. 

    // Checks if the user has a Single Sign-On cookie and executes the given function if it's the case.
    _oneall.push(['single_sign_on', 'do_event_for_sso_session', <event>, <relogin_same_domain>]);
        
    /* 
      <event> : JavaScript function, required
      The function that will be executed. 

      Example - the session data is available as first argument: 
      var event = function(data) {
        console.log(data);
      }
    
      <relogin_same_domain> : boolean, optional, defaults to true
      Set to false to execute the function only once per user per domain.
    */

set_sso_realm

By default, users that have logged in on one of your websites will automatically be logged in on all of your websites that are using the Single Sign-On service. By using a realm you change this behavior and subdivide your websites into groups.

Users logging in on a website in a given realm will automatically be logged in when they vist another website that is part the same (or a dependent) realm, but not when visiting a different realm. 

    // Defines the realm of the current Single Sign-On session.
    _oneall.push(['single_sign_on', 'set_sso_realm', <top_realm>, <sub_realm>]);
    
    /* 
    <top_realm> : string, required
    This is the primary Single Sign-On group.

    <sub_realm> : string, optional
    This is the secondary Single Sign-On group. It can be used to subdivide the top realm.
    */
            
    /* 
      Users that have per example logged in on ...
      ... the realm ['fruits'] will also be logged in on the realm ['fruits', 'apples'] or ['fruits', 'oranges'] 
      ... the realm ['fruits', 'apples'] will not be logged in on the realm ['fruits', 'oranges'] 
      ... the realm ['fruits', 'apples'] will be logged in on the realm ['fruits'] 
    */

set_debug

By using this method you can enable the Single Sign-On debugging mode. If enabled, Single Sign-On will write informational messages on how it processes the data to the browser's console.

Default: false 

    // Enables or disables the debugging mode.
    _oneall.push(['single_sign_on', 'set_debug', <enabled>]);
    
    /* 
    <enabled> : boolean (true, false)
    Enables or disables the debugging mode.
    */

User Contributed Notes