Home > API Reference > Single Sign On Authentication

Single Sign On Authentication

SigningHub uses OAuth 2.0 to authorize client requests. Business application can call this API to get the access token of user by requesting third party, based on provided method & token. Currently supported third parties are Office 365 and Azure Active Directory.

https://api.signinghub.com/authenticate/sso

HTTP Verb

POST

Authorization

Bearer {access_token}

Content-Type

application/json

Accept

application/json

Request Body

{
   "token": "454-j34jr67gj0h76nj59g4he895jh87n",
   "method": "Office_365"
}

Status Code

Message

Response Body 

200

OK

{
   "access_token": "454-j34jr67gj0h76nj59g4he895jh87n",
   "token_type": "bearer",
   "expires_in": 86399,
   "refresh_token":"QUVTMjU2LUdDTZREjBjvyYJtYNpz9tV7EwYfdQ="
}
401 Unauthorized
{
   "Message": "Invalid or expired access token"
}
400  Bad Request
{
   "Message": "Invalid or expired refresh token"
}
403 Forbidden
{
   "Message": "Account is disabled"
}

500

Internal Server Error
{
   "Message": "An internal server error occurred while processing the request"
}

Explanation of parameters used in the request and response:
 Item Details
 Names
  Description
 Request Parameters
access_token OAuth access token obtained as a result of successful authentication via "client_credentials" grant type.                                                                                                           
token Token obtained from 3rd party e.g Office 365  or Azure Active Directory
method Supported method type e.g "Office_365" or "Azure_Active_Directory"
 
Response Parameters
 error Error key to identify the error in programming and applications can respond based on the different error keys.
 error_description Error message against the error key returned. Client applications can present this error as it is or send their own error message.
 access_token OAuth user authentication access token - bearer token for subsequent authorisation to other API calls.
 
 token_type Type of the token returned by authorisation server. It is always set to "bearer".
 
 expires_in Number of seconds for which this access token is valid.  Fixed value of 86,399 seconds (24 hours).
 refresh_token  Refresh token returned by system to be used to regenerate access token


See also
Authentication
Get Service Agreements
OTP Login Authentication
Kerberos Authentication
Revoke Refresh Tokens
Get Public Authentication Profiles
Pre Login Authentication
Logout
SigningHub Admin APIs
Enterprise Management
Document Package
Document Workflow
Document Preparation
Document Processing
Account Management
Personal Settings
Appendix
Get SigningHub Admin Branding
Get SH Admin Branding Logo
Get SH Admin Branding Favicon
System Settings
Publish Workflow Completion Report
Get Profile Picture of Recipient
Get Enterprise Branding Logo
Get Enterprise Branding Favicon
OTP Verification