问题
I'm trying to use the OneLogin API to create my own Single Sign On Portal. As such, I need to call the 'session_via_api_token' method to establish a session and load the OneLogin domain cookies. The documentation shows example usage of the method by submitting an html form post. As far as I can tell, the example isn't just one way to do it... it's THE ONLY way to do use it.
I would really prefer not to have to use a form post.
From experimenting, it seems that I cannot call it via javascript AJAX (cross domain issues and CORS headers are not present) or via tomcat servlet (the servlet cannot pass the domain cookies back to the browser).
Am I out of luck or is there some other way of establishing and retrieving session information?
回答1:
For the time being, this endpoint only supports form POST I'm afraid.
Details here: https://developers.onelogin.com/api-docs/1/samples/login-user-via-api
Having said that, we have an enhancement in our pipeline to support this endpoint via AJAX (for exactly the reasons you outlined) so check back soon.
来源:https://stackoverflow.com/questions/37709781/onelogin-does-session-via-api-token-have-to-be-called-via-form-post