SSO (Single Sign On)

API Reference: SSO API

📘
Requires directory token
SSO is available for directory owners having a directory token. Not all accounts are eligible.

The SSO process consists of two simple steps:

Step1: Creating a one-time token

curl --location --request GET 'https://api.vcita.com/v1/partners/sso/token?staff_uid={STAFF_UID}' \
--header 'Authorization: Token token="{DIRECTORY_TOKEN}"'

Response:

{
  "sso_token": "aaabbbcccddd111222333444",
  "expires_at": 1666169052
}

🚧
Token expiration time
The returned token will remain valid for 30 minutes (expires_at value is in microseconds).

→ Use the business_uid to log in users with admin access.
→ Alternately use the staff_uid to log in users as specific staff members (Please refer to the staff API reference).

Step 2: Build the SSO login URL

Copy-paste the below URL and replace {SSO_TOKEN} with the token you received in step 1.

https://api.vcita.com/v1/partners/sso/login?staff_uid=xxxzzz111&sso_token={SSO_TOKEN}

Deep links

If you want the user to land on a specific page in the system right after the SSO login (i.e a particular page of invoice, etc), you can append the "redirect_to" query param to the SSO URL and specify the desired path.
The path should be relative to the main application domain and start from "/app/PATH". See example:

https://api.vcita.com/v1/partners/sso/login?staff_uid=xxxzzz111&sso_token={SSO_TOKEN}&redirect_to=/app/invoices/ru7q9qlt7cp4hfni

This will land the user here:
https://app.vcita.com/app/invoices/ru7q9qlt7cp4hfni

SSO (Single Sign On)

📘
Requires directory token

Step1: Creating a one-time token

🚧
Token expiration time

Step 2: Build the SSO login URL

Deep links

📘Requires directory token

Step1: Creating a one-time token

🚧Token expiration time

Step 2: Build the SSO login URL

Deep links

📘
Requires directory token

🚧
Token expiration time