Forum Discussion

Adept

13 years ago

Authentication: REST API and SSO

Hi,

I've had a look through these forums and I can't see anything that specifies a similar problem.

Using asp.net I am completing the following steps during a login process and running into a SSO authentication problem:

1) On server (currently just local dev box), Call LithiumSSOClient and receive a HttpCookie containing the token.
2) Use the token contained in the HttpCookie to call the REST API login function, passing it the token. This logs in fine, I get a response and a session key back. I can then make further calls do other rest API methods using this session key.
3) Place the cookie containing the token in the browser.

This is fine, until:

4) user goes to the lithium demo site in the browser: an error message appears "unable to authenticate" in a red box with 5 possible solutions.

The strange thing is, if I just call step 1 and 3, and do not try and login via the REST login service, when I visit the lithium site, SSO works just fine.

I also notice when we call the rest API, it returns a number of set-cookies in the response. I have tried setting these cookies in the browser before step 4. This stops the authentication failed message, however it does not log the user in either.

the lithium site we are using is:

http://sydney.demo.lithium.com

Also, the user we are trying to authenticate is a regular user, not an admin user.

Any help or pointers would be much appreciated,

Thanks

Chris

AdamN
13 years ago
Hi Chris,

SSO Tokens are intended to be used for authentication only once.I would suggest creating separate SSO token: one to be used in the browser, and one to be used for the REST API.

Regards,

Adam

AdamN
Khoros Oracle
13 years ago
Hi Chris,

SSO Tokens are intended to be used for authentication only once.I would suggest creating separate SSO token: one to be used in the browser, and one to be used for the REST API.

Regards,

Adam
- sdenisov
  Adept
  13 years ago
  Thanks Adam, that was exactly it
  - sylvain_mouquet
    Guide
    13 years ago
    Hi,
    
    I have the same problem but i dont understand what i must to do for solving it.
    For well understanding, we need to create 2 cookies (or we can call to getLithiumCookieValue() only for the REST API)
    The clientId must be different between the 2 cookies ?
    If we create 2 cookies, how the forum is able to select the right cookie ? (if it select the cookie created for REST API, the token is already consumed)
    
    Further, there is a relation between the cookie and the ip of the server which create the cookie ? when i create a sso cookie from a configurated server the forum authenticate correctly the user. When i create the cookie from my local pc (127.0.0.1), the cookie is created but the forum does not authenticate the user.
    
    On the stage environnement, there is an option for getting more logs in the http response for getting help for debugging ?
    
    Thanks in advance
    Sylvain

Forum Discussion

Authentication: REST API and SSO

Related Content

API Authentication

facebook authentication rest api

Rest API Outside Community

Community REST-API: Get all tags available

Unable to Authenticate using API V2

Recent Discussions

API v1 docs gone since Atlas migration to Aurora

Does anyone know how to change the display title of Custom Fields in Aurora?

Can someone walk me through authenticating and using Postman with Aurora?

Seeking Advice on Restricting Access to a posts to those who have the permalink.

TinyMceEditor is undefined