SSO Process
- The user credentials can either:
- Be Passed in the request
https://<unimarket tenant url>/sso?unimarket_sso_username=<username>&unimarket_sso_password=<password>
. - Or collected using the Unimarket login screen
- Be Passed in the request
- If the Tenant the user is attempting to login to has SSO enabled, Unimarket makes a Web Service call to the configured Delegated Authentication Authority, asking it to validate the username and password.
- The Web Services call (
authentication-request
) passes the username/password and requestIp to the Delegated Authentication Authority (requestIp is the IP address from where the login request originated). The Delegated Authentication Authority must implement this Web Service and be accessible by Unimarket servers. - The implementation of the Web Service validates the passed information and returns the appropriate response (
authentication-response
). - If the response indicates successful authentication then the login process continues, a new session is generated, and the user proceeds to the application.
Notes for customers using the Unimarket Connector
A Unimarket customer (Tenant) can only be configured with one integration url. This means if a customer has chosen to use the Unimarket connector for integration (e.g. for order integration) and the customer also wishes to use SSO then the url for the Web Service described above must be the same as the connector url. This in turn means that SSO must be handled by the Unimarket connector (the Unimarket connector can then be configured to authenticate with an Active Directory server or to check credentials against a database).
Username / Password Based
Technical Information
For technical documentation and examples relating to the full list of Unimarket webservice interfaces see: