Sign In With SSO - Fluid Topics - 3.4 - Reference Guides

Fluid Topics API Reference Guide

Product
Fluid Topics
FT_Version
3.4
Category
Reference Guides
language
English
audience
public

This public web service allows a user to authenticate via an SSO mechanism (SAML, Google, Twitter, or OpenId Connect), and to redirect the browser to the URL given in the query parameter.

In a context where Fluid Topics is integrated in a larger portal where users are already logged-in to an SSO system, users will be able to authenticate to Fluid Topics without being asked to enter their credentials again.

As a result, the current session is authenticated and all subsequent calls to FT public API take the authenticated user's profile/roles/permissions into account.

This web service works for the following authentication realms:

  • SAML
  • Google
  • Twitter
  • OpenId Connect

Method

Endpoint

GET

/api/authentication/sso/$REALM_ID/login?urlAfterLogin=http://...

Where:

  • "urlAfterLogin" should be a given page of the Fluid Topics integration.

This web service can be used as the "src" of an iframe integration.

After the web service call, up to three HTTP redirections occur:

  • The browser is redirected to the SSO-provider URL specified in the configuration (different for SAML, Google, Twitter, or OpenId Connect).
  • If the authentication is successful on the SSO-side, the SSO provider redirects the browser to the configured callback Fluid Topics URL (different for SAML, Google, Twitter, or OpenId Connect).
  • If Fluid Topics accepts to authenticate the user, the browser is redirected to its final destination: the "urlAfterLogin" specified in the query parameter.

Usual use case

This web service is usually meant to:

  • redirect users to the page they are coming from, as in the following example:
    • If users sign in from the Reader page, the web service sends them back to the Reader page after signing in.
  • display an authenticated Fluid Topics in an iframe at a given page: the homepage, a given topic, ...