Authentication with SSO - Fluid Topics - Latest

Fluid Topics API Reference Guide

Category
Reference Guides
Audience
public
Version
Latest

This public web service allows a user to sign in using a single sign-on mechanism (SSO).

In a context where Fluid Topics is integrated into a larger portal where users are already connected via an SSO mechanism, users can authenticate in Fluid Topics without having to enter their credentials again.

As a result, the user is authenticated for the current session, and all later calls to public Fluid Topics web services take the authenticated user's profile, roles, and rights into account.

This web service works for the following authentication realms:

Method Endpoint
GET /api/authentication/sso/{realmId}/login?urlAfterLogin=https://...
Path parameter Type Description
{realmId} String The realm identifier as configured in the Authentication administration interface.
Query parameter Type Required? Description
urlAfterLogin String No If this parameter is not defined, the user is redirected to the tenant's base URL when signing in via an SSO mechanism.

This web service can be used as the src of an <iframe> integration.

After the web service call, up to three HTTP redirections occur:

  1. The browser is redirected to the URL of the SSO provider as defined in the realm's configuration.
  2. If authentication is successful on the SSO provider's side, the user is redirected to the Fluid Topics callback URL configured for the realm.
  3. If Fluid Topics accepts the request to authenticate the user, the user is redirected to either the URL defined in the "urlAfterLogin" parameter or to the tenant's base URL.

Use case

This web service is usually meant to:

  • redirect users to the page they are coming from, as in the following example: If users sign in from the Reader page, the web service sends them back to the Reader page after signing in.
  • display an authenticated Fluid Topics portal in an <iframe> at a given page: the homepage, a given topic, etc.