License Users SSO
Please note that license users SSO (Single Sign On) is only available on Enterprise plan. It allows using Single Sign On method for license activation.
Enabling Single Sign-On (SSO) authentication facilitates the activation of user-based licenses. Currently, this functionality is accessible through the C++ and .NET/C# SDK and directly via the License API. Comprehensive instructions for the SDK implementation can be located within the SDK documentation.
To initiate SSO for your license users, the essential steps involve establishing a user pool and provider specific to the Customer Account. This configuration is pertinent to all license users within orders generated by customers associated with that particular customer account.
Access the Customer Account view via the main platform navigation, specifically under Customers -> Customer Accounts.
Here, you can either select an existing customer account from the list or create a new one using the "Add new account" button.
Once within the customer account, navigate to the "Single Sign On" tab.
In this section, you have the option to activate SSO and gather any necessary data to ensure its seamless setup and operation.
Follow instructions to setup social identity sign in (Google) and SAML identity provider and Azure Active Directory on our Single Sign On (SSO) page.
Note: Please make sure at least one customer is added by creating new one or choosing from existing customers and issue at least one license that is user based for that customer.
If you plan to use the License API directly to authenticate users ( instead of using SDKs ) you need to follow this flow:
The /api/v4/sso_url endpoint will return the URL where your hosted login UI will be served. To create the correct URL you need to use customer_account_code of the customer account for which the user pool and providers have been created and the product_short_code of the product defined in LicenseSpring.
Details for this endpoint are written in the SSO URL page. Use the URL from the response to open the hosted UI through which your users can login.
After successful login on the hosted UI, users will be redirected to the URL from redirect_uri field. Attached to this page URL you will receive some query parameters, of which the most important is the id_token or code if you are using authorization code grant described in more detail on the SSO URL page.
Along with the customer_account_code this field needs to be sent to the License Activation endpoint. License user needs to be assigned before that to the license which is being activated.