Single sign-on (SSO) is a centralized authentication service that enables a user to use a single set of credentials to securely log in to multiple applications and websites. This prevents the need for the user to log in separately to the different applications. User credentials and other identifying information are stored and managed by a centralized system called Identity Provider (IdP). The Identity Provider is a trusted system that provides access to other websites and applications.
DecoNetwork uses a protocol called JSON Web Token (JWT) to authenticate the user. The token, containing identifying information about the user, is sent to the identity provider as part of a request to authenticate the user. With JWT, a user is automatically verified with the identity provider when they sign in and is allowed access to DecoNetwork without being prompted to enter separate sign-in credentials. Check the JWT to website to learn more about JWT.
The SSO feature is available for integration with DecoNetwork on Enterprise plans via the SSO API. In order to implement SSO on your account, you need to add the SSO API app to your account. You will also need to enable the Single Sign-on feature on your website. See the Single Sign-on Settings article for instructions on how to enable the SSO feature. You will then need a developer to build the integration.
Prerequisites
- You must have Administrator permission to use this feature.
- You must be on the Enterprise plan
- Programming experience is required to implement SSO on your website
To Enable the Single Sign-On API App:
- Log into your DecoNetwork website.
- Browse to Admin and select the yellow + Apps Store button at the bottom of the Main Menu.
- Click Add now on the Single Sign-On API app.
Comments
4 comments
Hi Lee - Can the JWT be generated by the identity provider (as in OKTA)? I've upgraded to enterprise and am trying to onboard with a multinational but their engineers are having trouble doing the integration via OKTA. Any help would be greatly appreciated or if there was someone with the expertise to help me do this even better.
Thanks
Hi Garry,
According to their documentation, OKTA does not support JWT. OKTA supports the OIDC and SAML protocols which, unfortunately, DecoNetwork does not currently support.
Hello Lee,
We are new Deco user and we have external web shop. We are using Deco designer with iframe. We have noticed that at the moment our customers have issues to save their designs and logos because they would also need to make account to our Deco site and they then need to find those there. It is not good customer experience now. We found out from support that this Single Sign-On Api would maybe help us to solve this issue.
Is there more instructions for our developer to build integration? He is not familiar to this, but if we could have more help, please.
Hi Tuomas,
You can find more information here.
Please sign in to leave a comment.