Implement SSO for the OpenWeb Android SDK


Execute SSO

There are two types of SSO available: Generic SSO and SSO with JWT secret. Please contact your OpenWeb PSM to pick the best option for you.


📘

Tip

For more information about SSO authentication, read Implement single sign on.

You can also enable single sign on through one of our third-party SSO partners.

OpenWeb also allows your users to login with their Facebook, Google or Twitter accounts. If you are interested in this option, contact your PSM and ask about Social Login.


Generic SSO

  1. Authenticate a user with your backend.
  2. Call startSSO function and get codeA.
  3. Send the codeA and all needed information to your backend system in order to get codeB.
  4. Call completeSSO with the codeB.
SpotIm.startSSO(object: SpotCallback<StartSSOResponse>() {
    override fun onSuccess(response:StartSSOResponse) {
        val codeA = response.getCodeA()
    }
  
    override fun onFailure(exception:SpotException) { 
        //doSomething...
    }
})

SpotIm.completeSSO("CODE_B", object: SpotCallback<String>() {
    override fun onSuccess(response: String) {
        val userId = response
        // You can save the userId in case you support multiple users logged in at the same time in the application side
        // Later on this userId can be checked with `SpotIm.getUserLoginStatus` function
    }
  
    override fun onFailure(exception: SpotException){
        //doSomething... 
    }
})


SSO with JWT secret

  1. Authenticate a user with your backend
  2. Call ssoWithJwt(JWT) with a user JWT secret.

If there is no error in the callback and response?.success is true, the authentication process finished successfully.

SpotIm.ssoWithJwt("JWT_SECRET", object: SpotCallback<SsoWithJwtResponse>() {
    override fun onSuccess(response: SsoWithJwtResponse) { 
        //doSomething... 
    }
       
    override fun onFailure(exception: SpotException) {
        //doSomething...
    }
})


Supporting signup/login flow

To support instantiating signup/login flow from the Spot.IM SDK UI, you can
provide LoginDelegate to the Spot.IM SDK.
Calling the startLoginUIFlow delegate method should show some UI that will:

  1. Let the user signup/login into the app
  2. Upon successful login will do the full SSO flow using the Spot.IM SDK API, to make sure the user is logged in to the Spot.IM commenting system as well.

Calling the renewSSOAuthentication delegate function should perform a silent SSO:

  1. Re-SSO the user to keep him logged in.
  2. This function will be called whenever an authentication token expired or for some reason an authentication error occurred and a user was logged in before.
  3. A userId field is used in order to keep track which user was logged in from before - allowing support in multiple logged in users in the application which is using the SDK.
SpotIm.setLoginDelegate(object:LoginDelegate() {
    override fun startLoginUIFlow(activityContext:Context) {
        // Show your login UI flow here.
    }
  
    override fun renewSSOAuthentication(userId: String) {
        // Renew SSO - Basically silent SSO again to keep the user connected
        // This function will be called once a token is no longer valid and a user was connected from before
        // Follow the above steps to renew the SSO
    }
})


Logout

Call the OpenWeb logout API whenever a user logs out of your system.

SpotIm.logout(object: SpotVoidCallback {
    override fun onSuccess() { 
        //doSomething... 
    }
    
    override fun onFailure(exception: SpotException) {
        //doSomething... 
    }
})


Login status

An API to understand the status of the current OpenWeb user.
UserStatus.Guest - Means this is a guest unregistered user.
UserStatus.SSOLoggedIn(userId: String) - Means this is a registered user of SpotIm.

Use getUserLoginStatus() to know if the current user is a guest or a registered user.

SpotIm.getUserLoginStatus(object: SpotCallback<UserStatus>() {
    override fun onSuccess(status:UserStatus) {
            // val isLoggedIn = status != UserStatus.Guest
            // Do something... 
    }
    
    override fun onFailure(exception: SpotException) {
            // Do something... 
    }
})

Did this page help you?