Sample SSO configuration

Created: 2015-04-23
Last updated: 2016-06-08
Post view count: 1194

Sugester supports logging in through accounts from third-party websites that have login APIs. When a user tries to log on to the Sugester forum our serves query the third party API and authorize login based on the response.
Example of a third party API:
query: https://yourwebsite.com/loginCheck.php?login={{login}}&password={{password}}
response: {"status":"ok","email":"vailid_email@domena.pl","login": "valid_login"}
or
{"status":"error"}
If the login and password are correct, the third-party website responds with some form a user ID (an e-mail or nickname) which is then displayed in Sugester.
Configuring SSO for Sugester
To configure SSO for Sugester go to Settings => Account settings => SSO URL and paste the SSO URL from your website in the provided space.
Sample SSO Configuration
3 Servers
S1 - the server on which Sugester runs, for example: http://domain.sugester.com
S2 - the server on which the bridging app runs, for example: http://bridge.domain.com
S3 - your server with an ActiveDirectory/LDAP/other user base

Bridging app
A small app which runs on S2 under the domain http://bridge.domain.com. After being queried (for example with https://most.domena.com/checkLogin.php?login=user1&password=hunter2) it communicates with S3 and checks whether a user 'user1' exists in the database and confirms if his password is 'hunter2'. If so, it returns 'yes'; if not, it returns 'no'.
This way Sugester (S1) queries the bridging app (S2) which in turn queries your user database (S3), but no credentials are shared with directly with us (S1).


Back


Add Comment