Single Sign On (SSO) Implementation with Tokens

1
Hi everyone,  I am trying to implement SSO as in this post https://community.mendix.com/link/questions/94452 I am making a webservice call from one application to get the token and passed it to another application via deeplink (deeplink name = autologin) with parameter which looks like this http://localhost:8086/link/autologin/?param=283dbe76-0a7b-4a49-908d-94bf6e7b3eae where param's value is the token, in this case a fake token. So, when I click on the link, the microflow which is triggered in environment B should get this parameter. I am confused how can I get this token from the link. Does the deeplink automatically passes this parameter to the microflow or do I have to do something else to get this parameter/token. And also how to implement the autologin after this. As discussed in this post https://www.mattkdaniels.com/blogs/walkthrough-enabling-autologin-functionality-within-your-mendix-app I have added the request handler and also the javascript to post the request but the link (deeplink) that I am clicking in environment A has a request handler /link/  so how can I change this request handler which is “link/” to “autologin/” or is there any other way I can autologin directly with the help of the token that I received.   [Edit] Hi Roland, The things that you have told me, I have done verything so far. When I am calling the javascript, The script looks like this: callAutologin(); function callAutologin() { var xhr = new XMLHttpRequest(); var url = mx.appUrl + "autologin/"; var params = "loginToken=${loginToken}"; xhr.onreadystatechange = handler; // function to call after response xhr.open("POST",url,true); xhr.setRequestHeader("Content-Type","application/x-www-form-urlencoded; charset=UTF-8"); xhr.send(params); } function handler() { if (this.readyState === this.DONE) { if (this.status === 200) { location.reload(); // if reply is 200 then reload and the user will be logged in } else { window.open("${loginURL}"); // if reply is not 200 then show the login.html page } } }   Now, I am confused over the URL part of this script which is var url = mx.appUrl + "autologin/"; My URL right now because of deeplink is like lets say X which has the token is http://localhost:8086/link/SSO/?param=1234567890 where SSO is the name of the deeplink and the javascript if I am not wrong expects a link something like this lets say Y: http://localhost:8086/autologin/?param=1234567890 How can I change my link from X to Y. And if I am wrong please correct me. And Thank you so much again for helping
asked
1 answers
1

Let's say you have an app A and B and the user needs to login from A to B. App A consumes a webservice of B that user X wants a token. App B checks if user X exists and then creates a token, attach that one to user X and returns through the webservice this token from app B to A. Now A creates a deeplink with the token as parameter. App B receives the incoming link and retrieves the user belonging to this token and then does the autologin javascript. 

Read the documentation of the deeplink. All deeplink have an URL like https://yourapp.mendix.com/link/nameofdeeplink

Nameofdeeplink is the name you attached when setting up the deeplink.

Regards,

Ronald

[EDIT]

The deeplink microflow (microflow with Token as parameter) should create the AutologinHelper object with entities loginToken and URL. The URL can be retrieved with GetApplicationURL from community commons. Then the microflow opens a popup. In the popup put the AutoLoginHelper as page parameter and put the Javascript snippet inside the AutoLoginHelper object.

answered