Forum Discussion

galbriner's avatar
galbriner
Contributor
6 years ago

SDK snippet and SSO

Hi,

I would like to know if I can run our javascript sdk on every page,
where that javascript will add an iframe that will be shown on top of the community content.
Also, is there an option to use SSO in that case, where lithium is the authorization server.

 

The motivation is as follow:
I would like show users a content about our products specifically targeted to them,
for that I need an option to show a content and to know who is the user.

Therefore I though to add our javaScript sdk that will get the content and show it as iframe, is that possible?
Also I need to know who is the user in order to target the content to him, and for that I need the user to be authenticated preferably with SSO,  is that possible?

Thanks,
Gal

  • cike's avatar
    cike
    Champion
    6 years ago

    Hi galbriner,

    there are several options to add JavaScripts snippets and make them available on every page:

     

    1. Put your JavaScript code in a separate .js file and add this file to the assets folder. You can then link the file via the common HTML <script> tag in the head.ftl file of your skin. (This will include your script in the HTML <head> section of the DOM.)
    2. You can use a component called last_chance_html.ftl, which will be added at the end of the DOM on every page. Here you can include your JavaScript also via the <script> tag and a .js file or write the code in the component directly, using Lihtium's <@liaAddScript> directive.

    I would recommend using an endpoint which will fetch the information from the external system and build the response, e.g. the HTML code of your iFrame. With this your community user can authenticate via SSO and you can send user data (e.g. mail) as a parameter to your endpoint and finally to your external service to fetch personalised data.

     

    Regards,

    Christian

    • galbriner's avatar
      galbriner
      Contributor
      6 years ago
      Hi Christian,

      Thanks for the quick response,
      Regarding SSO, maybe I wasn't clear (or maybe I don't understand the
      answer),
      what I actually want to do, is to authenticate there users to my endpoint
      with lithium credentials, so that any lithium user, will automatically be
      logged in to my endpoint (so I should get a token that I can validate with
      lithium endpoint)

      Thanks,
      Gal
      • galbriner's avatar
        galbriner
        Contributor
        6 years ago

        Since I do not have an account yet,

        is there an option to get test account, in order to verify that I can implement the javascript as I plan?
  • ClaudiusH's avatar
    ClaudiusH
    Khoros Alumni (Retired)
    6 years ago

    Hi Gal and welcome to the Lithium community,

    Just to get it out of the way: Lithium Community itself cannot act as an SSO as the authorization server. But Lithium Community can easily use your existing SSO infrastructure to have your customers authenticate against that. introduction to this concept is available here: https://lithosphere.lithium.com/t5/Single-Sign-On-SSO/About-Lithium-Single-Sign-On-SSO/ta-p/108917

    For your scenario you might not actually need a complex full SSO setup though: Lithium Community has roles and associated permissions built in. That means you could assign a customer (or even individual product) role to your community members. Then you can create a custom component on your Lithium Community pages that checks against the presence of this role for the current member and would only include your JavaScript SDK to embed the iframe with your content if that role is present.

    You can assign these roles after a manual review / matching with your CRM record or if you go for the SSO route have them automatically populated with the product records from your CRM.