Developer's Guide
Prerequisite Knowledge
To set up single sign-on, you must understand the following technologies:
- What is single sign-on?
Single sign-on (SSO) is an authentication method that allows a user to use one set of login credentials to log into multiple related apps.
For example, you can access YouTube and Gmail as a logged-in user by simply logging in to Google.
- What is IdP- and SP-initiated SSO?
An identity provider (IdP) is an authentication center that stores user information. It establishes a session with the user in IdP-initiated authentication.
A service provider (SP) is responsible for providing services to the end user. It requests authentication from an IdP to validate an authenticated user's access to an app.
For example, an IdP can be a company's employee system, and an SP can be Jodoo.
- What is SAML?
Security Assertion Markup Language (SAML) is a protocol that enables SSO and allows IdPs to pass authorization credentials to SPs. It is integrated into many systems such as Windows AD and Apereo CAS.
- What is JWT?
JWT (JSON Web Token) is a structured security token format used to transmit information between parties. It contains encoded JSON objects, which include user-defined messages and some auxiliary validation fields, such as a signature and an expiry time.
Configuring Single Sign-On
Jodoo supports single sign-on and acts as the SP during this process. Once the admin has enabled single sign-on, when a member who is not logged in accesses Jodoo, Jodoo redirects the request to the IdP address configured by the admin. If the member has already logged in to the IdP, the IdP simply reads the user information in the session and returns it to Jodoo as configured. Jodoo can then identify the member and provide subsequent services. The process is as follows:
Jodoo supports two protocols for single sign-on:
- SAML: Mainly for users who have already integrated SAML in the authentication system or have strong background knowledge.
Pros: It is a common protocol. If SAML has already been integrated, it can be configured directly for reuse. You can also use authentication service providers such as OneLogin.
Cons: If SAML has not been integrated, users need to develop the integration layer by themselves, which is difficult.
- Custom APIs: Mainly for users who develop their own APIs to connect with Jodoo.
Pros: It is easy to understand and simple to develop.
Cons: This is a custom protocol of Jodoo and users need to develop their own integration layer.