1. 技术文章
  2. Accessing Third Party Apps After Creating A Session Via API Token

Accessing Third Party Apps After Creating A Session Via API Token

匆匆过客 提交于 2019-12-11 04:41:43

问题


I've scoured the api docs, as well as StackOverflow, and I've yet to find the answer to my question. And it is possible I'm misunderstanding how the system works.

Here's the scenario our client wants:

  1. User logs into our website
  2. At which point we authenticate the user in our system, and One Login via the api.
  3. After the user logs into our dashboard, they can click an link and be redirected to their third party analytics app due to the fact that I've created a new session with One Login.

Here are the steps I've completed.

  1. I've successfully received an access token via --> https://developers.onelogin.com/api-docs/1/oauth20-tokens/generate-tokens
  2. I've successfully used the access token to generate a session login token via --> https://developers.onelogin.com/api-docs/1/users/create-session-login-token
  3. I've successfully used the session login token to create a new session.

I'm receiving the proper cookies from One Login after making the create new session request, and - at that point - if I enter the URL onelogin.com/login, I am taken directly to the dashboard.

At this point I know I'm properly authenticated with One Login. However, I'm not sure how to directly access a third party app from a link on our website.

Thanks.


回答1:


Two ways:

If the app supports SP-initiated SAML, just navigate the user to the application and it'll do the whole SAML flow- App redirects to OneLogin - OL authenticates user (because you have a session) --- redirects SAML to app

Use the launch endpoint - You can create a URL to an app by using this format: https://app.onelogin.com/launch/{app-id}. For example, you can provide a link to an app like this:

<a href="https://app.onelogin.com/launch/123456">Time Reporting</a>

Details on that endpoint can be found here: https://developers.onelogin.com/api-docs/1/embed-apps/get-apps-to-embed-for-a-user

Take note that you're probably going to want to use the optional flag that makes sure to redirect to your login page, not OL's if you've built a login facade.



来源:https://stackoverflow.com/questions/42728640/accessing-third-party-apps-after-creating-a-session-via-api-token

标签
onelogin
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!