Single Sign On

Single Sign On (SSO)

Single sign-on is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. True single sign-on allows the user to log in once and access services without re-entering authentication factors. (Wikipedia).

Octeth provides a full-featured SSO engine. You can use it to integrate Octeth with your other systems and let your users navigate between your services without re-entering authentication credentials.

Octeth supports multiple SSO sources. You can create an unlimited number of SSO sources in Octeth and use them to link multiple third-party systems to your Octeth server.

Creating an SSO Source

To create a single sign-on source, log in to the admin area and go to the [Admin Area → Settings → Single Sign On] section.

If this is the first time you are accessing this area, you will see an empty list. Click the “Create SSO Source” link to create your first SSO source:

On the next screen, enter the name of the source, set a unique code for your SSO source, and fill in the other options:

| Field | Description |
|---|---|
| Source Name | Give a name to your SSO source. This name is private and never displayed publicly. |
| Source Code | Set a unique code for your SSO source. It can be anything, such as “mywebsite-test”. |
| Description | Optionally, you can also explain the purpose of this SSO source. |
| Expires At | Optional. If you would like to expire SSO requests coming from this source, set an expiry date for the SSO source. |
| Valid For | Define the number of seconds to keep the SSO link valid. Make sure that you keep your SSO links valid for only a few seconds to minimize the risk of link phishing. |
| [_] Create New User | Once this option is checked, Octeth will create a new user account with the given information if there’s no matching user account in the system. |
| [_] Login the user | This option will make sure that a unique session is created for the SSO user. |
| [_] Return the user data | This option will force Octeth to return a JSON response with the user information and session ID instead of redirecting the user to the user area. |

Once you create your new SSO source, you will be redirected to the credentials section:

You will see example PHP code that shows how to encrypt the user data you would like to pass in the SSO request.

The id parameter of the SSO request is the important one: it must be unique for each user you pass to the SSO system. User accounts in Octeth will be created based on these unique ID numbers.

⚠️ WARNING: For security reasons, keep the validity of your SSO links as short as possible, such as 5 seconds.
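The effect of the "Valid For" window and the "Expires At" date, sketched as an added example that is not Octeth's own code or token format (the real sample is the PHP shown on the credentials screen). The key, the `email`, `iat`, `valid_for` and `expires_at` names and the token layout are assumptions, with AES-256-GCM standing in for whatever encryption Octeth uses.

```php
<?php
// Added illustration, NOT Octeth's token format: key, field names and layout are assumptions.

// Sending side: encrypt the user data and bind it to one SSO source code.
function sso_seal(array $user, string $sourceCode, string $key, int $now): string
{
    $plain = json_encode(['id' => $user['id'], 'email' => $user['email'], 'iat' => $now]);
    $iv = random_bytes(12);   // fresh nonce for every link
    $tag = '';
    $ct = openssl_encrypt($plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag, $sourceCode);
    return base64_encode($iv . $tag . $ct);
}

// Receiving side: return the user data, or null for a forged, stale or expired request.
function sso_open(string $token, array $source, string $key, int $now): ?array
{
    if ($source['expires_at'] !== null && $now >= $source['expires_at']) {
        return null;          // the source itself has expired ("Expires At")
    }
    $raw = base64_decode($token, true);
    if ($raw === false || strlen($raw) < 29) {
        return null;          // not a 12-byte nonce + 16-byte tag + ciphertext
    }
    $plain = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key, OPENSSL_RAW_DATA,
        substr($raw, 0, 12), substr($raw, 12, 16), $source['code']);
    if ($plain === false) {
        return null;          // tampered, wrong key, or issued for another source
    }
    $data = json_decode($plain, true);
    if (!is_array($data) || !isset($data['id'], $data['iat'])) {
        return null;          // the unique id is mandatory
    }
    $age = $now - $data['iat'];
    return ($age >= 0 && $age <= $source['valid_for']) ? $data : null;   // "Valid For"
}

// Constructed sample values.
$key    = random_bytes(32);
$source = ['code' => 'mywebsite-test', 'valid_for' => 5, 'expires_at' => null];
$t0     = 1700000000;
$token  = sso_seal(['id' => 42, 'email' => 'user@example.com'], $source['code'], $key, $t0);

var_dump(sso_open($token, $source, $key, $t0 + 3) !== null);   // link used inside the window
var_dump(sso_open($token, $source, $key, $t0 + 6) !== null);   // same link replayed too late
var_dump(sso_open($token, ['code' => 'other'] + $source, $key, $t0 + 3) !== null); // wrong source
```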

You can create a separate SSO source for each of your integrations or internal systems. The SSO authentication feature gives you great flexibility when moving your users from your other systems to Octeth. They will be able to switch between your systems without re-entering their login credentials.

Use Cases

This section explains how to accomplish different use cases.

Dashboard Access Button

User Account Create

©Copyright Octeth, Inc. All rights reserved.