SSO with One Login, Is it possible to set domain name through api call

Eurofins_EOL shared this question 3 years ago
Answered

SSO with One Login, can i set the domain name in the authentication request cookie and will this override the domain name in the OneLogin configuration in Login plus?

Comments (4)

photo
1

The domain name in authentication request should be exactly the same as in SSO settings as based on it, script makes secure cookie and compares it with original domain.

What is the reason for sending another domain? Do you want to authorize users from different systems that are outside of UseResponse?

photo
1

No. We would like to handle user in different domain.

photo
1

Still not clear what is expected to get. Could you please provide more details on your workflow?

photo
1

Our site is hosted in multiple domain (per country). So we need to address users who are from these domain as part of one community.

photo
1

Is it possible to send one domain name as specified in the SSO configuration irrespective of the site being in another domain as part SSO options.

Ex:

SSO configuration: 'common.domain'

Domain in dev: 'dev.domain' shared in SSO option array as 'common.domain'

photo
1

No, it's not possible. Both domain in SSO settings and domain where you integrate it should match for security reasons

photo
1

Stas,

Is there any other way to have one community per several instances of our app? Where each instance is hosted in a different domain. We would like to have the whole feedback in one place. Maybe there is some other way of authenticating to avoid the problem with domains?

photo
photo
1

For each instance to be hosted on several domains you would need 2 licenses. But you can install 1 dev environment per your license.

Just still confused. You want to have 1 feedback system that connects and authenticates users from 2 different login forms located outside UseResponse?

photo
1

Our application is hosted in multiple geographic locations with their respective domain. We need to have one community platform that could collate all the feedback/Topics.

Now the problem here is that, request from individual application would have its own domain associated and since we have only one license, we can only authenticate to only one domain set in the OneLogin configuration and not handle others.

Could you help us out with possible solutions.

photo
1

Hello,

Now it makes sense. And I think it would be possible to use multiple login forms on various domains. In order to accomplish it, please go to your SSO class and replace following line

self::$_options['source'] = $_SERVER['HTTP_HOST'];

with the following code

self::$_options['source'] = 'host';

Just make sure to put the same 'host' where class is located that is written in your UseResponse settings. For example it can be 'eurofinsus.com' Even if your host is different, use the only one host for multiple locations.

Let us know if the instructions are clear.