Authentication/SSO

The authentication/sso operation uses the token obtained via the authentication/apiUserAuthentication method to obtain a single sign-on (SSO) token that can be added as a query parameter to bypass the login process to Nintex eSign.

Request

The authentication/sso request requires a session token be passed in the Authorization header.

Obtain a session token by authenticating in the context of an API user at the /authentication/apiUserAuthentication endpoint. Set the Authorization header to the token returned from a successful authentication in the form:

Authorization: bearer tokenvaluewillbelongandpresenthere

The authentication/credentials operation has been deprecated. New integrations should use /authentication/apiUserAuthentication.

Legacy tokens provided from authentication/credentials are set in the Authorization header to X-AS-UserSessionToken plus the sessionToken. For example: Authorization: X-AS-UserSessionToken QWxhZGRpbjpvcGVuIHNlc2FtZQ==

A request body is not required for this operation.

Sample Request:

Adjust the Host to match the location of your eSign account:

POST /api/documentnow/v3.5/authentication/sso
Host: www.assuresign.net
Content-Type: application/json
Accept: application/json
Authorization: bearer tokenvaluewillbelongandpresenthere

Response

If the request is successful, the operation will return a simple result that will include an ssoToken property.

Sample Response:

{
    "result": {
        "ssoToken": "eyJ2YWxpZFVudGlsIjoxNDY3ODMyNjUzMDcyLjY0NTMsInNzb1Rva2VuSWQiOiI5ZGUwNDFlMi01ZmQ0LTRlYWUtYjAzZC1hNTNiMDEzZGNiMmIiLCJzaWduYXR1cmUiOiJ2Q1RfU0FTWDlUaDNJYVZiQlA2Y2ZscW4tLXl4VmFZMnlOamx6YzlBUmM4In0="
    }
}

A FORBIDDEN errorCode is returned if an invalid or expired token is sent.

Using the ssoToken

This ssoToken can be added as a query parameter when accessing the Simple Setup page by adding it to the page URL in the form:

&ssoToken=VALUE

The ssoToken expires after 30 seconds, so the call to retrieve the token should be made at the time the redirection takes place.
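
The following is an added example, not code from the eSign documentation: it shows the server-side steps around the SSO call, building the request headers from the sample request, pulling result.ssoToken out of the response, and appending it to a page URL with percent-encoding (the sample token is base64 with "=" padding) while refusing tokens older than the 30-second lifetime. The function names, the SsoError class, the HTTPS check and the host esign.example in the usage are assumptions made for illustration; the HTTP call itself is left to the caller.

```python
import json
import time
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

SSO_LIFETIME_SECONDS = 30  # lifetime stated in this documentation


class SsoError(Exception):
    """Raised when no usable ssoToken is available for the redirect."""


def sso_headers(session_token):
    # Header set from the sample request; the session token stays on the server.
    return {
        "Content-Type": "application/json",
        "Accept": "application/json",
        "Authorization": "bearer " + session_token,
    }


def extract_sso_token(response_body):
    # Success carries result.ssoToken; any other body (for example a
    # FORBIDDEN error) is treated as a failure rather than parsed further.
    try:
        doc = json.loads(response_body)
    except ValueError as exc:
        raise SsoError("response is not JSON") from exc
    result = doc.get("result") if isinstance(doc, dict) else None
    token = result.get("ssoToken") if isinstance(result, dict) else None
    if not isinstance(token, str) or not token:
        raise SsoError("no ssoToken in response; re-authenticate and retry")
    return token


def build_redirect_url(page_url, sso_token, fetched_at, now=None):
    # fetched_at and now are time.monotonic() readings taken by the caller.
    now = time.monotonic() if now is None else now
    if now - fetched_at >= SSO_LIFETIME_SECONDS:
        raise SsoError("ssoToken older than 30 seconds; request a new one")
    parts = urlsplit(page_url)
    if parts.scheme != "https":
        raise SsoError("refusing to put an ssoToken on a non-HTTPS URL")
    # Drop any earlier ssoToken, keep the page's other parameters, and
    # percent-encode the new value so '+', '/' and '=' survive query parsing.
    query = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
             if k != "ssoToken"]
    query.append(("ssoToken", sso_token))
    return urlunsplit(parts._replace(query=urlencode(query)))
```

Build the URL in the same handler that issues the redirect, and keep the ssoToken out of application logs, since it stands in for a login until it expires.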