Platform SSO

Platform SSO enables single sign-on for an operator or any enabled account. Using Xenioo SSO API, you can automatically login any user to a specific chatbot if the user is the current owner of the chatbot or is part of the team at any level.

Calling this endpoint requires the SSO Login package. Please be sure to get in touch with Xenioo to discuss your use case and enable the package.

Request

The following request will generate a SSO token for the user [email protected] for a given chatbot.

curl --location --request POST 'https://<SERVICE ENDPOINT>/sso/authorize' \
--header 'Content-Type: application/json' \
--data-raw '{
    "AccountAPIKey":"<...>",
    "BotAPIKey":"<...>",
    "BotAPISecret":"<...>",
    "Email":"[email protected]"
}'

Response

If successful, the response will contain a valid SSO API Token and the full link to the SSO url that can be used in the browser to automatically login the user. The generated toke will expire after 60 minutes..

{ "Data": 
    {
        "Home":"https://....xenioo.com/...",
        "Token":"<...>",
        "Expires": 60
    }
}

The token generated cannot be used for any other type of Platform API requests.

Redirecting and Logout

The Home property of the response contains the full url root of the target chatbot interface. You can add, at the end of the url, the navigation fragments of the section you need to reach and, if the token contains sufficient permissions, Xenioo will automatically redirect the user there.

As an example, given the following Home value:

https://<DESIGNER ENDPOINT>/auth/sso/<token>

You could redirect your user to the selected bot conversation section adding the navigation section at the end:

https://<DESIGNER ENDPOINT>/auth/sso/<token>/conversation

To logout the current user, just call the standard SSO token url adding /logout at the end like in the following example:

https://<DESIGNER ENDPOINT>/auth/sso/<token>/logout

Embedding

If your SSO package also contains the embedding option, you could also build your request to so that the the standard Xenioo header would not be visible. 

curl --location --request POST 'https://<SERVICE ENDPOINT>/sso/authorize' \
--header 'Content-Type: application/json' \
--data-raw '{
    "AccountAPIKey":"<...>",
    "BotAPIKey":"<...>",
    "BotAPISecret":"<...>",
    "Email":"[email protected]",
    "EnableEmbedding":true
}'

Response Codes

This endpoint will reply with the following standard HTTP codes.

Code

Meaning

200

Ok. The request has been successfully fulfilled.

400

Bad Request. The request is incomplete or cannot be carried on with the supplied data.

404

Not Found. The specified chatbot, account or team member have not been found.

PreviousAuthorizationNextBots

Last updated

Was this helpful?