Single Sign-On Implementation \ Frontend integration

When a users logs in for the first time, a cookie is created on the central server. Whenever the users tries to access a second website or application, this website sends a request to the central server to check if the user is already known.

In this part of our guide we are assuming that you have ...
  1. Accomplished the Backend Integration.
    • You are synchronizing the user's data with the OneAll cloud storage.
    • You are generating a new sso_session_token whenever a user logs in.
    • You are invaliding the sso_session_token when the user logs out.

8. Include our JavaScript library.

The library must be present only once on each page. If you have already implemented another of our services, then you might already have added the corresponding code. In this case you can skip this section.

Our JavaScript library contains the functions required by our services. The library is loaded asynchronously (in the background) and does not increase the loading time of your website.

It is compatible with pages served using both HTTP or HTTPS. The // before the path to the library is a protocol-independent absolute path, which detects whether your site uses HTTP or HTTPS. No modification of the code on secure pages is required.

Our recommendation is to add this code snippet to your website template so that it appears before the closing </head> tag. As it is loaded asynchronously, you can however add it basically anywhere in your template.

<script type="text/javascript">

        /* Replace #your_subdomain# by the subdomain of a Site in your OneAll account */         
        var oneall_subdomain = '#your_subdomain#';

        /* The library is loaded asynchronously */ 
        var oa = document.createElement('script');
        oa.type = 'text/javascript'; oa.async = true;
        oa.src = '//' + oneall_subdomain + '.api.oneall.com/socialize/library.js';
        var s = document.getElementsByTagName('script')[0];
        s.parentNode.insertBefore(oa, s);
            
    </script>

9. Include the Single Sign-On JavaScript.

The SSO JavaScript maintains the SSO sessions for authenticated users and redirects these users to the callback_uri when they switch from one of your websites to another.

Open the template of the website on which you want to enable Single Sign-On and place the following asynchronous JavaScript snippet anywhere in the HTML document. The code should be present on all of the pages.

    <script type="text/javascript">

        /* Dynamically replace #sso_session_token# by the token generated in your backend. */
        var sso_session_token = '#sso_session_token#';
        
        /* Replace #callback_uri# by the URL to your own callback script */
        var callback_uri = '#callback_uri#';
      
      
        /* Initiates the OneAll asynchronous queue */
        var _oneall = window._oneall || [];

        /* ===== This part is for users that are logged in */
        if (typeof sso_session_token === 'string' && sso_session_token.length > 0)
        {
            /* Attaches the SSO session token to the user */
            _oneall.push(['single_sign_on', 'do_register_sso_session', sso_session_token]); 
        }
            
        /* ===== This part is for user that are NOT logged in */
        else
        {      
            /* Redirects the user to the callback_uri if he is logged in on another of your websites */
            _oneall.push(['single_sign_on', 'do_check_for_sso_session', callback_uri]);
        }
      
    </script>

Users should now automatically be redirected to your callback script when they switch from one of your websites to another.

Final Step - Login & Registration

User Contributed Notes