Single Sign On Authentication
SigningHub uses OAuth 2.0 to authorize client requests. Business application can call this API to get the access token of user by requesting third party, based on provided method & token. Currently supported third parties are Office 365 and Azure Active Directory.
https://api.signinghub.com/authenticate/sso |
||
HTTP Verb |
POST |
|
Authorization |
Bearer {access_token} |
|
Content-Type |
application/json |
|
Accept |
application/json |
|
Request Body |
{ "token" : "454-j34jr67gj0h76nj59g4he895jh87n" , "method" : "Office_365" }
|
|
Status Code |
Message |
Response Body |
200 |
OK |
{ "access_token" : "454-j34jr67gj0h76nj59g4he895jh87n" , "token_type" : "bearer" , "expires_in" : 86399, "refresh_token" : "QUVTMjU2LUdDTZREjBjvyYJtYNpz9tV7EwYfdQ=" }
|
401 | Unauthorized |
{ "Message" : "Invalid or expired access token" } |
400 | Bad Request |
{ "Message" : "Invalid or expired refresh token" } |
403 | Forbidden |
{ "Message" : "Account is disabled" } |
500 |
Internal Server Error |
{ "Message" : "An internal server error occurred while processing the request" } |
Item Details |
|
Names |
Description |
Request Parameters | |
access_token | OAuth access token obtained as a result of successful authentication via "client_credentials" grant type. |
token | Token obtained from 3rd party e.g Office 365 or Azure Active Directory |
method | Supported method type e.g "Office_365" or "Azure_Active_Directory" |
Response Parameters |
|
error | Error key to identify the error in programming and applications can respond based on the different error keys. |
error_description | Error message against the error key returned. Client applications can present this error as it is or send their own error message. |
access_token | OAuth user authentication access token - bearer token for subsequent authorisation to other API calls. |
token_type | Type of the token returned by authorisation server. It is always set to "bearer". |
expires_in | Number of seconds for which this access token is valid. Fixed value of 86,399 seconds (24 hours). |
refresh_token | Refresh token returned by system to be used to regenerate access token |