Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Excerpt |
---|
Token-based authentication has been introduced for allowing single sign-on between your main web site and the BSS. Users that have already logged in your Portal will be able to automatically login to the BSS without entering their credentials. |
Setting up the BSS Mechanism
On BSS, navigate to: BSS > Setup > Administration > System Options > BSS Login Settings (as explained in this Documentation)
Click on "Settings (Custom)".
On the following page, please provide a name to the Instance Name text field.
- Choose one of the two hash Algorithms (MD5 or SHA256), from the drop-down menu, for the encryption.
- Paste your [Hash Key] to the Hash Key text field.
- Then click on the "Save" button.
Click on "Activate" from the top bar and the token-based authentication is ready to be used.
Client-Side Parametrization for Token-Based SSO
The following notes are a systems' communication example as well as an implementation guide for the client-side infrastructure so that the single sign-on between your main web site and the BSS can function without issues.
Url Parameters:
- token: Is a required parameter for user authentication.
- refurl: Is an optional parameter for redirecting users after their login.
The link from your portal to the BSS should be of the form https://{SYSTEM_URL}/externalauth/CSTM_TOKEN/{INSTANCE_ID}/?token={Algorithm}({Email/Username}{HashKey}) where the token should be encrypted using either the MD5 algorithm MD5(Email/Username+Hash_Key) or the SHA256 algorithm SHA256(Email/Username+HashKey).
- Email/Username: It must be the email of the BSS user you have provided in your BSS.
- HashKey: A value you will decide.
What you should implement is a mechanism through which you will collect your customers' emails and use it for creating the token and redirecting the customer to the BSS.
Table of Contents
Table of Contents | ||
---|---|---|
|