SSO Redirection

The client has to generate temporary token for SSO and redirect the user to Xoxoday with this temporary token. Let’s discuss the steps.There are two methods for this.

SSO Token from Company Session

Following request has to be made with Company Bearer Authorization access token to fetch temporary SSO token. Via this the user is also registered automatically if not already registered.

curl -X POST {OAUTH_URL}/v1/oauth/sso/stores/company
-H 'Authorization: Bearer eyJ0b2tlbkNvbnRlbnQiOnsiaXNzdWVkRm9yIjoiRnJlc2h3b3JrcyIsInNjb3BlIjoiIiwiaXNzdWVkQXQiOjE1NTk5MTk4ODE2MDEsImV4cGlyZXNBdCI6IjIwMTktMDYtMjJUMTU6MDQ6NDEuNjAxWiIsInRva2VuX3R5cGUi'
--header 'Content-Type: application/json'
-d '{
  "user_input": "email@example.com",
  "tpd":{//this is third party session data to be sent by the client (eg. Darwin) with which xoxoday calls api for fetching and redeeming points.This is still under development. 
   "auth_header":"Bearer asdgfjhbsdlkjbasdlkjbadslkbdakasdhfjhfdb==",
   "employee_id":"4356XC90",
   "Uid":"TTEO32S99ERCL"
  }
}

The user gets redirected to the Xoxoday storefront to the following URL with the ssoToken value obtained in the above response:

{OAUTH_URL}/v1/oauth/redirect/stores/{ssoToken}

Last updated