{"id":90,"date":"2019-11-11T15:15:30","date_gmt":"2019-11-11T15:15:30","guid":{"rendered":"https:\/\/intern.quizu.de\/?p=90"},"modified":"2019-11-12T18:00:07","modified_gmt":"2019-11-12T18:00:07","slug":"sso-implementation","status":"publish","type":"post","link":"https:\/\/intern.quizu.de\/?p=90","title":{"rendered":"SSO implementation"},"content":{"rendered":"\n<p>Our SSO solution supports <strong>only<\/strong> OIDC. It works with any platform which works with this particular authentication layout.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">This is what we support\/need:<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Client ID &amp; secret: <\/strong>These two values are essential credentials we need to authenticate with the customer server<\/li><li><strong>Login URL: <\/strong>which login URL is used for logging in <br>(callback from this login =&gt; Riddle receives a code to request an access token later)<\/li><li><strong>Access Token URL: <\/strong>from which URL do you get the access token to get further information about the user (email, \u2026)<\/li><li><strong>User Info URL: <\/strong>from which url do you get user information with the help of an access token?<\/li><li><strong>Scopes: <\/strong>which scopes does the SSO platform support? (openid is required)<br>(our default scopes: openid, email, profile)<\/li><li>(optional) Several environment for tests (test, stage, live)<ul><li>The customer can test if Riddle SSO works on e.g. a dev environment before using the live login paths &amp; credentials<\/li><\/ul><\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Our endpoint details are the following:<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Application Contact: philipp@riddle.com reimar@riddle.com<\/li><li>Redirect URLs:<ul><li><a href=\"https:\/\/local.riddle.com\/auth\/sso\/callback\/bbc\">https:\/\/local.riddle.com\/auth\/sso\/callback\/<\/a><a href=\"https:\/\/riddle.com\/auth\/sso\/login\/%7BcustomerSlug%7D\">{encodedCustomerSlug}<\/a><\/li><li><a href=\"https:\/\/dev.riddle.com\/auth\/sso\/callback\/bbc\">https:\/\/dev.riddle.com\/auth\/sso\/callback\/<\/a><a href=\"https:\/\/riddle.com\/auth\/sso\/login\/%7BcustomerSlug%7D\">{encodedCustomerSlug}<\/a><\/li><li><a href=\"https:\/\/dev2.riddle.com\/auth\/sso\/callback\/bbc\">https:\/\/dev2.riddle.com\/auth\/sso\/callback\/<\/a><a href=\"https:\/\/riddle.com\/auth\/sso\/login\/%7BcustomerSlug%7D\">{encodedCustomerSlug}<\/a><\/li><li><a href=\"https:\/\/dev3.riddle.com\/auth\/sso\/callback\/bbc\">https:\/\/dev3.riddle.com\/auth\/sso\/callback\/<\/a><a href=\"https:\/\/riddle.com\/auth\/sso\/login\/%7BcustomerSlug%7D\">{encodedCustomerSlug}<\/a><\/li><li><a href=\"https:\/\/preview.riddle.com\/auth\/sso\/callback\/bbc\">https:\/\/preview.riddle.com\/auth\/sso\/callback\/<\/a><a href=\"https:\/\/riddle.com\/auth\/sso\/login\/%7BcustomerSlug%7D\">{encodedCustomerSlug}<\/a><\/li><li><a href=\"https:\/\/staging.riddle.com\/auth\/sso\/callback\/bbc\">https:\/\/staging.riddle.com\/auth\/sso\/callback\/<\/a><a href=\"https:\/\/riddle.com\/auth\/sso\/login\/%7BcustomerSlug%7D\">{encodedCustomerSlug}<\/a><\/li><li><a href=\"https:\/\/www.riddle.com\/auth\/sso\/callback\/bbc\">https:\/\/www.riddle.com\/auth\/sso\/callback\/<\/a><a href=\"https:\/\/riddle.com\/auth\/sso\/login\/%7BcustomerSlug%7D\">{encodedCustomerSlug}<\/a><\/li><\/ul><\/li><li>Access Token TTL: 3600<\/li><li>OpenID Connect JWT Token TTL: 3600<\/li><li>Scopes: openid, email, profile<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">You\u2019ll use the following URL to login:<\/h2>\n\n\n\n<p><a href=\"https:\/\/riddle.com\/auth\/sso\/login\/{encodedCustomerSlug}\">https:\/\/riddle.com\/auth\/sso\/login\/{encodedCustomerSlug}<\/a><\/p>\n\n\n\n<p>(you have to replace <code>{encodedCustomerSlug}<\/code> with your encoded customer slug)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Our SSO solution supports only OIDC. It works with any platform which works with this particular authentication layout.&nbsp; This is what we support\/need: Client ID&#8230;<\/p>\n<div class=\"more-link-wrapper\"><a class=\"more-link\" href=\"https:\/\/intern.quizu.de\/?p=90\">Weiterlesen<span class=\"screen-reader-text\">SSO implementation<\/span><\/a><\/div>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-90","post","type-post","status-publish","format-standard","hentry","category-deployment","entry"],"_links":{"self":[{"href":"https:\/\/intern.quizu.de\/index.php?rest_route=\/wp\/v2\/posts\/90","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/intern.quizu.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/intern.quizu.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/intern.quizu.de\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/intern.quizu.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=90"}],"version-history":[{"count":3,"href":"https:\/\/intern.quizu.de\/index.php?rest_route=\/wp\/v2\/posts\/90\/revisions"}],"predecessor-version":[{"id":93,"href":"https:\/\/intern.quizu.de\/index.php?rest_route=\/wp\/v2\/posts\/90\/revisions\/93"}],"wp:attachment":[{"href":"https:\/\/intern.quizu.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=90"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/intern.quizu.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=90"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/intern.quizu.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=90"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}