Single sign-on (SSO) simplifies authentication by letting users sign in with a single set of credentials across multiple applications and websites securely. This eliminates the need for users to log in separately to each platform, enhancing convenience and efficiency while maintaining robust security standards. By enabling SSO, your DecoNetwork website can offer a seamless login experience, fostering user satisfaction and reducing the friction associated with managing multiple passwords. Click here to learn how SSO works.
The Single Sign-on Settings page within DecoNetwork provides you with the tools to enable and configure SSO seamlessly on your website. This tutorial will walk you through the process of setting up SSO, ensuring you can integrate this powerful authentication service effectively into your site.
Prerequisites
- You must have Administrator permission to use this feature.
- You must be on the Enterprise plan.
- The Single Sign-on API app must be enabled.
- Programming experience is required to implement SSO on your website.
To Enable the Single Sign-On on Your Website:
- Log into your DecoNetwork Website.
- If you are the Fulfillment Center, browse to Admin > Websites. Select Manage for the store you want to enable the API Settings on.
- Select Single Sign-on Settings.
- Tick the Enable Single Sign-on checkbox.
- Configure the SSO settings.
  - Shared Secret: lets you specify a secret key that will be used to verify the JWT. The same key will be used for all JWT requests.
  - Login Page: lets you choose whether to show the DecoNetwork Login page, hide the DecoNetwork Login page or specify the URL to an external Login page.
  - Register Page: lets you choose whether to show the DecoNetwork Sign-up page, hide the DecoNetwork Sign-up page or specify the URL to an external Sign-up page.
  - Token Timeout: lets you specify the expiration period of an SSO access token. The default duration is 30 minutes.
DecoNetwork supports the following JWT attributes:

| Name | Required | Description |
| --- | --- | --- |
| iat | Yes | Issued At unix timestamp (number) |
| jti | Yes | JSON Web Token ID (stops replay attacks: if the token has already been used it is ignored.) (string) |
| email | No | Email of the user being signed in, used to find user if external_user_id is not passed (string) |
| first_name | Yes | The first name of the user (string) |
| last_name | Yes | The last name of the user (string) |
| external_user_id | Yes | This ID will be used to match the user in DecoNetwork. If the user's email address is also passed, the email address can be changed. |
| company | No | The name of the company to add the user to (string) |
| phone | No | The phone number of the user (string) |
| address | No | The street address of the user (string) |
| city | No | The city the user resides in (string) |
| state | No | The state the user resides in (string) |
| zip | No | The postcode/zip the user resides in (string) |
| country | No | The country the user resides in (string) |

- Click Save to save the changes.
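
The following is an added example, not DecoNetwork's own code: a standard-library Python sketch of how your backend could build a JWT with the required attributes listed above, sign it with the Shared Secret, and sanity-check it locally before use. It assumes HS256 signing (the page does not name the algorithm) and that Token Timeout bounds the age of `iat`; the function names, secret and user values are constructed for illustration.

```python
import base64, hashlib, hmac, json, time, uuid

REQUIRED = ("iat", "jti", "first_name", "last_name", "external_user_id")

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(secret: str, signing_input: str) -> str:
    return _b64url(hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest())

def build_sso_token(secret: str, user: dict, now=None) -> str:
    """Return a signed JWT carrying the user's attributes plus iat and jti."""
    claims = dict(user)
    claims["iat"] = int(time.time() if now is None else now)
    claims["jti"] = uuid.uuid4().hex  # new ID per login; a reused jti is ignored
    missing = [k for k in REQUIRED if claims.get(k) in (None, "")]
    if missing:
        raise ValueError(f"missing required attributes: {missing}")
    header = {"alg": "HS256", "typ": "JWT"}  # assumption: algorithm not stated on the page
    parts = [_b64url(json.dumps(p, separators=(",", ":")).encode())
             for p in (header, claims)]
    signing_input = ".".join(parts)
    return f"{signing_input}.{_sign(secret, signing_input)}"

def check_sso_token(secret, token, seen_jti, max_age_s=30 * 60, now=None):
    """Local pre-flight check: signature, iat age and jti reuse. Returns claims."""
    try:
        head, body, sig = token.split(".")
        claims = json.loads(_unb64url(body))
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    # Constant-time comparison avoids leaking how much of the signature matched.
    if not hmac.compare_digest(sig.encode(), _sign(secret, f"{head}.{body}").encode()):
        raise ValueError("bad signature")
    now = time.time() if now is None else now
    # Assumption: the Token Timeout setting (default 30 minutes) bounds the age of iat.
    if not 0 <= now - claims["iat"] <= max_age_s:
        raise ValueError("token expired or issued in the future")
    if claims["jti"] in seen_jti:
        raise ValueError("jti already used")
    seen_jti.add(claims["jti"])
    return claims

# Constructed sample values, not real credentials.
SAMPLE_SECRET = "example-shared-secret"
SAMPLE_USER = {"external_user_id": "u-1001", "first_name": "Ada", "last_name": "Lovelace"}
```

Keep the Shared Secret on the server side only; a token built in browser code would expose the key that signs every login.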