SSO API

get

https://api.vcita.biz/v1/partners/sso/token

Overview

Create a one-time token for Single Sign On (SSO) login.

Available for Directory tokens only.

Authentication

Uses HTTP Token authentication. Format: Authorization: Token token="{DIRECTORY_TOKEN}"

The token must be a Doorkeeper OAuth token with directory scope.

SSO Process

Step 1: Call this endpoint to create a one-time SSO token.

Step 2: Build the SSO login URL using the token: https://api.vcita.com/v1/partners/sso/login?staff_uid={STAFF_UID}&sso_token={SSO_TOKEN}

Deep Links

To redirect users to a specific page after login, append the redirect_to query param: https://api.vcita.com/v1/partners/sso/login?staff_uid=xxxzzz111&sso_token={SSO_TOKEN}&redirect_to=/app/invoices/ru7q9qlt7cp4hfni

Impersonation

To create an impersonation session, include the operator_uid parameter. This adds the operator as the actor_uid with actor_type as operator.

Note: The returned token is valid for 30 minutes. The expires_at value is in microseconds.

Language

Click Try It! to start a request and see the response here!