This is a complete edit/rewrite because I think my previous explanation was unclear.
I would like to enable logons from another site. We have clients with a complete SSO to a portal that we use. This portal gives clients access to multiple systems that we have in place for them, without them having to log on a second time.
How would I implement this with Backendless UI Builder? I could pass credentials from the portal to Backendless, but what would be a best practice to handle such a thing?
We have a proprietary portal which already uses a link with the AD of the clients.
I think I've come up with a solution that I'm implementing now, which is a two-step procedure:
The portal does a request to a REST API (with the e-mail address of the user and API authorization) that creates a record in an announcements table that this user is about to log on. The REST API returns a UUID.
The portal then forwards to a page that serves as the SSO login page, with the e-mail address and UUID as parameters. The page checks in the Page On Enter if there is an announcement for this user, and then logs the user on using the e-mail address and a pre-set password (which is the same for all users). The user is then forwarded to the home page.
It would be better if I could force a new password on a user in the database; I would change the password to the UUID in step 1 and use that UUID as the password in step 2.
Unfortunately I've not been able to find a password change like this in the Users API.
I'm already in a Backendless API when I want to change the password. So I can just do a database update on the users table with a new password for this user?
Let me share the nocode logic for anyone else to use.
This method uses a table "announcements" with email and uuid columns. I could have used the objectId column, but I didn't. I could also have used authorization in the headers, but I didn't.
This is the "accounce" method of my "ssoservice" API:
To log on, you need to call the API with email and api_key (enter the key in the API logic), and then 301 to the sso_login page with the uuid parameter (which you get from the API) in the URL.
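
The two-step announcement flow described above, as an added JavaScript sketch that is not the poster's codeless logic and does not call the Backendless API. It shows the UUID being redeemed exactly once and expiring after a short window. The `Map` stands in for the announcements table, and `announce`, `redeem`, and the 60-second `TTL_MS` are assumed names and values.

```javascript
// Added example: in-memory stand-in for the "announcements" table (hypothetical names).
const nodeCrypto = require('node:crypto');

const TTL_MS = 60 * 1000;        // assumption: an announcement is valid for 60 seconds
const announcements = new Map(); // lower-cased email -> { hash, expires }

// Store only a hash of the UUID, so reading the table does not yield usable tokens.
function sha256(value) {
  return nodeCrypto.createHash('sha256').update(value).digest();
}

// Step 1: called by the portal (API-key authorization is assumed to happen before this).
function announce(email, now = Date.now()) {
  const uuid = nodeCrypto.randomUUID(); // 122 random bits, returned to the portal
  announcements.set(String(email).toLowerCase(), {
    hash: sha256(uuid),
    expires: now + TTL_MS,
  });
  return uuid;
}

// Step 2: called by the SSO login page with the email and uuid taken from the URL.
function redeem(email, uuid, now = Date.now()) {
  const key = String(email).toLowerCase();
  const record = announcements.get(key);
  if (!record) return false;           // nothing announced for this user
  if (now > record.expires) {
    announcements.delete(key);         // expired: clean up and refuse
    return false;
  }
  // Both buffers are 32-byte digests, so the constant-time compare is valid.
  const ok = nodeCrypto.timingSafeEqual(record.hash, sha256(String(uuid)));
  if (ok) announcements.delete(key);   // single use: a replayed URL fails
  return ok;
}
```

In a real deployment the delete in `redeem` has to be atomic with the lookup in the database, otherwise two parallel requests with the same URL can both succeed.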