Integrations

Single Sign-on

This page is intended for the technically-inclined.

As of version 1.6, it is possible to integrate GraphJS with your existing authentication infrastructure. This means, if you have a dynamic application with an existing user registration backend, you may authenticate your online users on GraphJS simultaneously and seamlessly. There are three steps to achieve this:

  1. Present your existing users to GraphJS (using tokenSignup call)
  2. Make sure each new user on your platform is presented to GraphJS (again, using tokenSignup call)
  3. Every time you will present a GraphJS tag on a page that is shown to your logged in users, create a token with the "secret key" provided to you, and initialize GraphJS with that parameter.

About your single sign-on key

Your single sign-on key is tied to your subscription. To fetch it, sign in to GraphJS.com, go to Accounts > Subscriptions -- and it will be there:

If you're using the open source version of GraphJS-Server, then it is set by an environment variable called "SINGLE_SIGNON_TOKEN_KEY". Check out AuthenticationController.php to see its use in action.

tokenSignup

The tokenSignup call accepts three parameters; token, username and email where "token" is the "username" encoded with your "secret key". We use AES for symmetrical-encryption. To see how that works in PHP 7.2+, check out: https://github.com/phonetworks/graphjs-server/blob/master/src/GraphJS/Crypto.php

...

tokenLogin

The tokenLogin call accepts only a single parameter; token where "token" is encrypted the same way, by AES encrypting the username with your secret key.

 

You may use single sign-on not only with tags but with call functions as well. Just generate a token and use tokenLogin call to sign your users in automatically.

Should you have any questions, please contact us at http://risg.co/contact.html, we'd love to hear more about your use case.