SSO tickets in the Loginapp UI

SSO tickets can be used to authenticate users in the Loginapp UI.

The Loginapp UI can extract SSO tickets from URLs and send them to the Loginapp REST API for verification.

Configuration hints

  1. Configure the Loginapp REST API as described in SSO ticket authentication in the Loginapp REST API. Make sure to use a Loginapp UI SSO Ticket Extractor in the SSO Ticket Authentication Step. The extractor is capable of extracting the SSO ticket from the REST request sent by the Loginapp UI.
  2. Go to:
    Loginapp >> UI Settings >> Authentication UIs
  3. Configure one or more SSO Parameter Names. The list defines the HTTP GET parameter names that are used to extract SSO tickets from the request.
  4. Note that this property is defined in the Authentication UIs for all Flow UIs.

Usage examples

SSO tickets can be processed by the Loginapp UI in the following types of URLs:

  • Direct application access with GET parameter (application id is sso-ticket in this example):
  • GET /auth/ui/app/auth/application/access/sso-ticket?sso=eyJhbGciOiJI…
  • Direct application access with fragment (application id is sso-ticket in this example):
  • GET /auth/ui/app/auth/application/access/sso-ticket#sso=eyJhbGciOiJI…
  • Access with location parameter (requires an Application Selector to be configured in the target application):
  • GET /auth/ui/app/auth/application/access?Location=some-target-url&sso=eyJhbGciOiJI…

    Note that the sso parameter is in the URL but not inside the Location URL.