Authentication/SSO
The authentication/sso operation uses the token obtained via the authentication/apiUserAuthentication method to obtain a single sign-on (SSO) token that can be added as a query parameter to bypass the login process to Nintex eSign.
Request
The authentication/sso request requires a session token be passed in the Authorization header.
Obtain a session token by authenticating in the context of an API user at the /authentication/apiUserAuthentication endpoint. Set the Authorization header to the token returned from a successful authentication in the form:
Authorization:bearer tokenvaluewillbelongandpresenthere
The authentication/credentials operation has been deprecated. New integations should use /authentication/apiUserAuthentication.
Legacy tokens provided from authentication/credentials are set in the Authorization header to X-AS-UserSessionToken plus the sessionToken. For example: Authorization: X-AS-UserSessionToken QWxhZGRpbjpvcGVuIHNlc2FtZQ==
A request body is not required for this operation.
Sample Request:
Adjust the Host to match the location of your eSign account:
POST /api/documentnow/v3.5/authentication/sso
Host: www.assuresign.net
Content-Type: application/json
Accept: application/json
Authorization: bearer tokenvaluewillbelongandpresenthere
Response
If the request is successful, the operation will return a simple result that will include an ssoToken property.
Sample Response:
{
"result": {
"ssoToken": "eyJ2YWxpZFVudGlsIjoxNDY3ODMyNjUzMDcyLjY0NTMsInNzb1Rva2VuSWQiOiI5ZGUwNDFlMi01ZmQ0LTRlYWUtYjAzZC1hNTNiMDEzZGNiMmIiLCJzaWduYXR1cmUiOiJ2Q1RfU0FTWDlUaDNJYVZiQlA2Y2ZscW4tLXl4VmFZMnlOamx6YzlBUmM4In0="
}
}
A FORBIDDEN errorCode will be returned in the case that an invalid or expired token has been sent.
Using the ssoToken
This ssoToken can be added as a query parameter when accessing the Simple Setup page by adding it to the page URL in the form:
&ssoToken=VALUE
The ssoToken expires after 30 seconds, so the call to retrieve the token should be performed when the redirection will take place.