REST External User Authentication Connector

Authenticate your users against an external system - e.g. a web service or enterprise identity provider. 

 

User passwords are never stored on our platform when external auth is configured.

 

When logged into the web portal, navigate to Organization&Users>Organization Setup>Integrations>External User Authentication And Provisioning, and the following options will be available:

 

 

Okta, Azure AD and Ping Identity require Enterprise ToolKit.

 


REST

When a user logs in on our website or apps, our system will receive the login request and ensure the user's email is registered on our platform.


Assuming the user email is found, our system will then transparently 'pass through' the login credentials to this external web service URL for authentication.


The external service MUST return a 200 HTTP status code to be considered authenticated by our platform; any other response will be deemed a login failure.

 

Organization Setup - External User Authentication using REST

 

Authentication URL

When a user logs in on our website or apps, our system will receive the login request and ensure the user email is registered on our platform.

 

Assuming the user email is found, our system will then transparently 'pass through' the login credentials to this external web service URL for authentication.

The external service MUST return a 200 HTTP status code to be considered authenticated by our platform; any other response will be deemed a login failure.

 

The following placeholders can be used to inject user's identifier, login, organization ID and device operating system, name and IP address into the URL, headers and body:

{{USERID}}

{{USEREMAIL}}

{{USERPASSWORD}}

{{USEREXTERNALID}}

{{ORGID}}

{{DEVICEOS}}

{{DEVICENAME}}

{{DEVICEIP}}

HTTP Action Select the request action (POST, PUT, GET) and Data As (JSON, URL Encoded, XML).
HTTP Auth Type

If your service uses HTTP Basic authentication, then you do not need to configure Headers or specify any placeholders in the Destination URL. Our system will automatically add the required headers and will encode the user's email and password onto the given URL.

 

Find out more about Basic Auth.

Forgot Password URL

Login processes on our platform provide a 'Forgot Password' option for users to request a password reset via email.

 

Our system will forward these password reset requests to the given external service URL as an HTTP GET action.

The external service MUST return a 200 HTTP status code to be considered successful by our platform; any other response will be deemed a failure.

 

The following placeholders can be used to inject the user's identifier, email, organization ID and device operating system, name and IP address into the URL:

{{USERID}}

{{USEREMAIL}}

{{USEREXTERNALID}}

{{ORGID}}

{{DEVICEOS}}

{{DEVICENAME}}

{{DEVICEIP}}

 


Okta

Please refer to Provisioning Users and Single Sign-On with Okta.


Azure Active Directory

Please refer to Provisioning Users and Single Sign-On with Azure Active Directory.


Ping Identity

Please refer to Single Sign-On with Ping Identity.

 

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Adding a New User

When logged into the web portal, navigate the side menu Organization&Users > User &...

Managing Users

Managing your users on the platform is achieved when logged into the web portal, via the...

Organization Setup

  You can manage your organization-wide settings by navigating the left side menu to...

Users - Frequently Asked Questions

Is it possible to permanently block a users device from accessing our system or block someone's...