Third Light Developer Exchange

Code and templating community forum for developers and software integrators

You are not logged in.

Announcement

If you wish to join the Developer Exchange, please contact your account manager - this is to avoid unnecessary spam in the forums. Many thanks for your understanding.

#1 2014-02-10 17:10:38

AMRoche
Member
Registered: 2014-02-06
Posts: 4

Is there a way to accomplish Single Sign On using the Thirdlight API?

In theory, at least, i've got a login system working on a remote page which you can log in through, and access the site hosting the Thirdlight API using the session ID.

The question, however, is whether it is possible to authenticate using the API on the remote site, and redirecting to a page on the main Thirdlight-hosting site without using an API key, or sign in on the site hosting the thirdlight API and then access some kind of variable passed to the remote page which shows the user as already authenticated?

Alternatively, any ideas on how to have a user session persist across a site hosting the Thirdlight API and an external site referencing that instance of the API?

I'm sorry if i've done an awful job at explaining; will answer any questions to try and make my point clearer!

Alex

Offline

#2 2014-02-18 17:29:16

dominic
Third Light Staff
Registered: 2013-06-06
Posts: 96

Re: Is there a way to accomplish Single Sign On using the Thirdlight API?

Hi Alex,

If you sign in a user using the API from a remote site, you can pass the session ID (returned from the login call) as a GET parameter when redirecting to the Third Light site (use formphpsessionid=).

The reverse direction will depend on whether the browser connects directly to the IMS API. If it does, then it would send the session cookie with the requests (so they will still be logged in). If it is a server-to-server API request then this information would not be available.

Dominic

Offline

Board footer