Implement SSO for the OpenWeb Android SDK


Execute SSO

There are two types of SSO available: Generic SSO and SSO with JWT secret. Please contact your OpenWeb PSMPSM - Partner Success Manager to pick the best option for you.


📘

Tip

For more information about SSO authentication, read Implement single sign on.

You can also enable single sign on through one of our third-party SSO partners.

OpenWeb also allows your users to login with their Facebook, Google or Twitter accounts. If you are interested in this option, contact your PSM and ask about Social Login.


Generic SSO

  1. Authenticate a user with your backend.
  2. Call startSSO function and get codeA.
  3. Send the codeA and all needed information to your backend system in order to get codeB.
  4. Call completeSSO with the codeB.
SpotIm.startSSO(object: SpotCallback<StartSSOResponse>() {
    override fun onSuccess(response:StartSSOResponse) {
        val codeA = response.getCodeA()
    }
  
    override fun onFailure(exception:SpotException) { 
        //doSomething...
    }
})
SpotIm.startSSO(new SpotCallback<StartSSOResponse>() { 
    @Override 
    public void onSuccess(StartSSOResponse response) { 
        String codeA = response.getCodeA(); 
    } 
    
    @Override 
    public void onFailure(SpotException exception) { 
        //doSomething... 
    } 
});

SpotIm.completeSSO("CODE_B", object: SpotCallback<CompleteSSOResponse>() {
    override fun onSuccess(response:CompleteSSOResponse) { 
        //doSomething... 
    }
  
    override fun onFailure(exception: SpotException){
        //doSomething... 
    }
})
SpotIm.completeSSO("CODE_B", new SpotCallback<CompleteSSOResponse>() { 
    @Override 
    public void onSuccess(CompleteSSOResponse response) { 
        //doSomething... 
    } 
    
    @Override 
    public void onFailure(SpotException exception) { 
        //doSomething... 
    } 
});


SSO with JWT secret

  1. Authenticate a user with your backend
  2. Call ssoWithJwt(JWT) with a user JWT secret.

If there is no error in the callback and response?.success is true, the authentication process finished successfully.

SpotIm.ssoWithJwt("JWT_SECRET", object: SpotCallback<SsoWithJwtResponse>() {
    override fun onSuccess(response: SsoWithJwtResponse) { 
        //doSomething... 
    }
       
    override fun onFailure(exception: SpotException) {
        //doSomething...
    }
})
SpotIm.ssoWithJwt("JWT_SECRET", new SpotCallback<SsoWithJwtResponse>() { 
    @Override 
    public void onSuccess(SsoWithJwtResponse response) { 
        //doSomething... 
    } 
    
    @Override 
    public void onFailure(SpotException exception) { 
        //doSomething... 
    } 
});


Supporting signup/login flow

To support instantiating signup/login flow from the Spot.IM SDK UI, you can
provide LoginDelegate to the Spot.IM SDK.
Calling the startLoginFlow delegate method should show some UI that will:

  1. Let the user signup/login into the app
  2. Upon successful login will do the full SSO flow using the Spot.IM SDK API, to make sure the user is logged in to the Spot.IM commenting system as well.
SpotIm.setLoginDelegate(object:LoginDelegate() {
    override fun startLoginFlow(activityContext:Context) {
        //Implement your app logic for starting the login flow.
    }
})
SpotIm.setLoginDelegate(new LoginDelegate() {
    @Override
    public void startLoginFlow(Context activityContext) {
        //Implement your app logic for starting the login flow.
    }
});


Logout

Call the OpenWeb logout API whenever a user logs out of your system.

SpotIm.logout(object: SpotVoidCallback {
    override fun onSuccess() { 
        //doSomething... 
    }
    
    override fun onFailure(exception: SpotException) {
        //doSomething... 
    }
})
SpotIm.logout(new SpotCallback<Void>() { 
    @Override 
    public void onSuccess(Void response) { 
        //doSomething... 
    } 
    
    @Override 
    public void onFailure(SpotException exception) { 
        //doSomething... 
    } 
});


Login status

An API to understand the status of the current OpenWeb user.
Guest - Means this is a guest unregistered user. You should call startSSO/sooWithJWT if your own login status is 'user is logged in'
LoggedIn - Mean this is a registered user of SpotIm. You should avoid calling startSSO/sooWithJWT in this case.
If you own status is 'user is logged out', you should call SpotIm logout method

Use getUserStatus() to know if the current user is a guest or a registered user.

SpotIm.getUserStatus(object: SpotCallback<UserStatus>() {
    override fun onSuccess(status:UserStatus) { 
        //doSomething... 
    }
    
    override fun onFailure(exception: SpotException) {
        //doSomething... 
    }
})
SpotIm.getUserStatus(new SpotCallback<UserStatus>() {
    @Override 
    public void onSuccess(UserStatus status) { 
        //doSomething... 
    } 
    
    @Override 
    public void onFailure(SpotException exception) { 
        //doSomething... 
    }
});

The current logged-in userId can also be retrieved by using getUserLoginStatusWithId . If current user status is GUEST , userId will be an empty String

SpotIm.getUserLoginStatusWithId(object: SpotCallback<UserStatusResponse>() {
    override fun onSuccess(response:UserStatusResponse) { 
        //doSomething... 
    }
    
    override fun onFailure(exception: SpotException) {
        //doSomething... 
    }
})
SpotIm.getUserLoginStatusWithId(new SpotCallback<UserStatusResponse>() {
    @Override 
    public void onSuccess(UserStatusResponse response) { 
        //doSomething... 
    } 
    
    @Override 
    public void onFailure(SpotException exception) { 
        //doSomething... 
    }
});

or by calling SpotIm.getRegisteredUserId . If current user status is GUEST , userId will be will be an empty String

SpotIm.getRegisteredUserId(object: SpotCallback<String>() {
    override fun onSuccess(response:String) { 
        //doSomething... 
    }
    
    override fun onFailure(exception: SpotException) {
        //doSomething... 
    }
})
SpotIm.getRegisteredUserId(new SpotCallback<String>() {
    @Override 
    public void onSuccess(String response) { 
        //doSomething... 
    } 
    
    @Override 
    public void onFailure(SpotException exception) { 
        //doSomething... 
    }
});

Did this page help you?