Khoros Single Sign-on (SSO) enables you to integrate your sign-in and registration system with your Khoros community member system. To create a seamless sign-in experience for community members, the Khoros SSO solution enables your user system to:

• Create a new member account in your community 
• Sign in a member to the Khoros system
• Change a member's personal profile parameters in the Khoros system by assigning a role
• Change a member's permission levels in the Khoros system

Members sign in as usual through your main site. After they sign in, they are forwarded to the Khoros site and are automatically signed in or registered in the Khoros system. 

To integrate with Khoros SSO, the client system must:

• Be able to create Khoros SSO tokens from its user system
• Have the Khoros SSO libraries installed
• Have a client-specific C encryption key installed

SSO workflow diagrams

Khoros supports cookie-based and parameter-based workflows.

Cookie-based Khoros SSO

Parameter-based Khoros SSO

SSO Sign-Out Flow

The flowchart below shows where members are directed upon sign-out.

Khoros (Lithium) SSO libraries

Khoros issues the Khoros SSO libraries (Java, .NET, or PHP) and a unique encryption key for each deployment.

Information for all three versions is provided in the attached SSO Guide. Additionally, you can refer to the attached flowchart for a diagram that explains how SSO works with the Khoros Platform. 

Note: When using the .NET library, you must have the .NET Framework, not just .NET Core available for all requests to operate properly.

Related topics:

• Khoros Aurora auto-sign in
• Configure SSO settings for the community