Auto Login

To automatically log a user in (for example, right after registration), you must first generate a token in the Resource Server, assign it to a user, and keep track of it. This could happen at the same time as you add a new user to your database. The Token Authentication endpoint will then receive this token for verification.

This workflow is based on the standard OAuth2 Authorization workflow and may be triggered by simply including the token query parameter in your OAuth2 client's Authorization URL and navigating the browser to SSOfy's authorization endpoint.

JavaScript example:

window.location.href = 'https://LIVE-DOMAIN/authorize?token=SOME-TOKEN&...'

If the token verification is successful, the workflow will proceed without the user being asked for their username and password, and they will be redirected back and signed in properly, just like with an authorization code.

It is strongly recommended that you generate secure tokens (at least 32 characters in length) in the Resource Server and always specify a TTL (expiration time) for generated tokens.

The OTP moniker (One-Time Password) indicates that no token should live forever; therefore, you MUST also consider invalidating the token once the verification has completed successfully.
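
The recommendations above (tokens of at least 32 characters, a TTL, and one-time use) can be sketched on the Resource Server side as follows. This is an added example, not SSOfy's own code: the function names, the in-memory Map, the 60-second TTL, and the choice to store only a SHA-256 digest of the token are all assumptions made for illustration.

```javascript
// Added example (Node.js). Names, store and TTL are assumptions, not SSOfy APIs.
const { randomBytes, createHash } = require('node:crypto');

const TOKEN_TTL_MS = 60 * 1000;   // assumed TTL: 60 seconds
const tokens = new Map();         // sha256(token) -> { userId, expiresAt }

// Only the digest is stored, so a leaked store does not expose usable tokens.
const digest = (token) => createHash('sha256').update(token).digest('hex');

// Generate a URL-safe token from 32 random bytes (43 characters) for a user.
function issueLoginToken(userId, now = Date.now()) {
  const token = randomBytes(32).toString('base64url');
  tokens.set(digest(token), { userId, expiresAt: now + TOKEN_TTL_MS });
  return token;
}

// Called when the token arrives for verification.
// Returns the user id on success, or null for unknown, replayed or expired tokens.
function verifyLoginToken(token, now = Date.now()) {
  if (typeof token !== 'string' || token.length < 32) return null;
  const key = digest(token);
  const record = tokens.get(key);
  if (!record) return null;
  tokens.delete(key);             // one-time use: removed on first lookup, even if expired
  return now <= record.expiresAt ? record.userId : null;
}

// Build the authorization URL; oauthParams are your client's usual OAuth2 parameters.
function buildAuthorizeUrl(baseUrl, token, oauthParams) {
  const url = new URL(baseUrl);
  for (const [k, v] of Object.entries(oauthParams)) url.searchParams.set(k, v);
  url.searchParams.set('token', token);
  return url.toString();
}
```

In production the Map would be replaced by a shared store with native expiry, so that tokens are also purged when they are never presented.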

SSOfy is by Cubelet Ltd.
Copyright © 2024 Cubelet Ltd. All rights reserved.