Single Sign-On (SSO)

Overview

NOTE: In October 2014, Duda updated our Single Sign-On method. If you are using the legacy method of generating a HMAC-SHA1 signature, please see the legacy documentation here.


Duda provides a full Single Sign-On (SSO) option to seamlessly integrate Duda into your existing web application. SSO allows you to perform basic authentication of your customer or staff and then automatically log in/authenticate them into your White Label portal. Depending on which permissions you've given customers access to, they will have full access to the white label experience, which means they can edit sites, see other sites available to them and view statistics for these sites. This option is only available for DudaPro Partners. 

Here are a few use cases that might be helpful:

  • You have a client dashboard that ties together many different services/offerings. Inside of the dashboard, you would like to allow your users to update and edit their website. Through SSO, you can automatically log them into your own branded editor and update the site themselves.
  • You have a team that builds websites for many customers and you want to integrate Duda into your work flow. You can automatically have site designers be logged into the site they need to edit and only have access to that one site directly. This allows them to get directly to designing the site instead of wasting time managing the logins. 
  • You would like to allow potential customers to build sites directly from your home page by entering an existing website URL and having Duda create a new site based off that content. Then once the site is created, you can log that customer into the site by performing SSO.

Requirements & Details

To log users into the white label account you must have Duda generate a valid SSO token and then redirect users to your white label portal with the valid Single Sign-On Token. Duda has two main ways to do this: (1) Generate a SSO link and (2) Generate a SSO token and format the unique URL yourself. If you use the link method, you can specify which part of the platform you would like the customer / staff to be directed to: Dashboard, Stats, Site Reset (multiscreen sites only), or The Site Editor. 

In order to generate the token or link you will need to have:

  • A customer or staff account already created for the user you want to authenticate
  • The customer or staff member must have permission to access the part of platform. For example, to authenticate a user to the stats page, they must have permission to access the stats tab.
  • If you are authenticating a customer and sending them directly to a site resource (stats or editor), they must have been granted access to the site & permissions to edit the site. 

Generating SSO URL with Token

As part of performing SSO, you will need to generate the entire SSO URL with all the required parameters. These parameters are:

  • SSO Endpoint (Set inside of your DudaPro account)
  • Path of page you want to SSO to. For the Site Editors, this is: /home/site/{site_name}
  • The site name you are signing onto via SSO.
  • SSO token with the URL Parameter for the NAME and the VALUE that needs to be passed as a URL parameter.

Site Builder Endpoint:

  • http://{SSO_Endpoint_URL}/home/site/{site_name}?{parameter_name}={sso_value}

Dashboard Endpoint

  • http://{SSO_Endpoint_URL}/home?{parameter_name}={sso_value}

Generating SSO URL with Link

Duda allows you to generate an SSO link directly into any part of the site builder. This is the recommended way to implement SSO into the platform. Duda will return a formatted URL for your account's white label portal. You will then redirect the customer or staff member to the URL that Duda returns. Duda allows you to generate an SSO URL for the following locations in the platform:

  1. Sites Management Dashboard
  2. Stats
  3. Site Editor
  4. Reset Site (multiscreensite only)

Before the URL can be generated, you must ensure that the user has been granted access to the site and has the appropriate permissions assigned to their account.

SSO Token Implementation in PHP

01 <?php
02 //define function to call Duda API and get a valid SSO token
03 function getSSOToken($account){
04     $ch = curl_init();
05     //Set cURL parameters to perform API Call
06     curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
07     //Format URL to send API call
08     curl_setopt($ch, CURLOPT_URL, 'https://api.dudamobile.com/api/accounts/sso/'.$account .'/token');
09     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
10     curl_setopt($ch, CURLOPT_USERPWD, "APIaccount:APIpassword");
11     curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
12     curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
13     curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
14     //Execute cURL call
15     $output = curl_exec($ch);
16     //Close cURL
17     curl_close($ch);
18     //Turn returned JSON into array
19     $output = json_decode($output);
20     return $output;
21 }
22     //set SSO values
23     $ssoEndPointURL = 'example.sso-endpoint.com';
24     $siteEditorPath = '/home/site/';
25     $siteName = '688b1ed';
26     $account = 'johnsmith@gmail.com';
27      
28     //get token data
29     $tokenArray = getSSOToken($account);
30      
31     //generate white label sso endpoint URL
32     $ssoLocation = 'http://' . $ssoEndPointURL . $siteEditorPath . $siteName .'?' . $tokenArray->url_parameter->name . '=' . $tokenArray->url_parameter->value;
33      
34     //redirect user to endpoint URL
35     header('Location: ' . $ssoLocation);
×

Priority Phone Support

English phone support is available 18 hours a day,
Monday through Friday, 3am to 9pm (EST).

United States +1 866-776-1550 3am to 9pm (Eastern)
United Kingdom +44 (0)800-011-9071 8am to 2am (London)
France +33 (0)9-75-18-84-74 9am to 3am (Paris)
Israel +972 (0)3-720-8922 10am to 4am (Jerusalem)
Australia +61 (0)2-8880-9166 7pm to 1pm (Sydney)
To schedule a call in French, Portuguese, Hebrew or Russian, please email us at prioritysupport@dudamobile.com
×

Please Log in as a DudaPro

Priority Phone Support is available exclusively to DudaPros. Log in to your DudaPro account now to see our international support numbers.

Log In
Not a DudaPro? Start a free trial now!