SDKs
...
Tutorials
Advanced Usage
Single Sign-On
10min
single sign on is a useful feature that allows users to log in to multiple applications and websites with one set of credentials in this guide, we will explore how to integrate this functionality into your application using the licensespring sdk prerequisites completed the c++ sdk configuration and usage docid\ mtxgbtqymb doqfxbcqop and user based licensing docid\ xepx04m3oh f6s8ylf6mz tutorials, specifically initialized licensemanager (or licensehandler ) with your configuration using the appropriate settings activated the user based license of any type sso configuration to implement sso activation, add a customer account code to the configuration the account code can be found on your licensespring account under customer >customer accounts when you have this value, set it to the configuration auto configuration = licensespring configuration create( apikey, sharedkey, productcode, appname, appversion ); configuration >setcustomeraccount( "licensespring" );var configuration = new configuration( apikey, sharedkey, productcode, appname, appversion ); configuration customeraccount = "licensespring";configuration customeraccountcode = "licensespring" this value also can be set during the activation process, so you can use multiple customer accounts without reconfiguring the licensemanager authorization url you can choose the authorization method when getting the authorization url there are two methods token implicit grant which attaches user pool tokens ( id token, access token, expires in, and token type ) to the redirect uri once the user is verified code authorization code grant method where the code query param is attached to the redirect url instead of id token this code is sent in the request body when doing license activation if you do not want to expose user tokens or the redirect uri is too long for your use case, we recommend using the code instead of the token by default, the sdk returns the url with the authorization code to use the authorization token, pass the additional parameter to the getssourl method auto url = licensemanager >getssourl();//customer account was set to configuration, url with authorization code auto url = licensemanager >getssourl(“licensespring”);//customer account was not set to configuration, url with authorization code auto url = licensemanager >getssourl( std string(), false );//customer account was set to configuration, url with authorization token auto url = licensemanager >getssourl( “licensespring”, false );//customer account was not set to configuration, url with authorization tokenvar url = licensemanager getssourl();//customer account was set to configuration, url with authorization code var url = licensemanager getssourl(“licensespring”);//customer account was not set to configuration, url with authorization code var url = licensemanager getssourl(null, false);//customer account was set to configuration, url with authorization token var url = licensemanager getssourl(“licensespring”, false);//customer account was not set to configuration, url with authorization tokenlet ssourl = try manager requestssourl()sso resp, err = lh getssourl(ctx, "customer account", "use oauth code") java ssourl ssourl = licensemanager getssourl(); note that this method sets the passed customer account to the licensemanager configuration authorization you can open the sso url in the system browser or within the application after the user enters the login credentials, handle the redirect system browser if you are using the system browser, you can implement reopening the application with the redirect url as a parameter to make the application open with the redirect link, add a script that edits the registry, enabling your application to handle licensespring urls, as a part of the installation process here’s an example of edited registry browsing within the application this functionality can be implemented using various libraries and tools such as qt webengine or net webbrowser control the goal is to wait until the url changes and retrieve this redirect link to learn more about both approaches, see the sso sample projects we provide along with c++ and net sdks license activation when you have the redirect url, extract the authorization code or token auto query = qurlquery( redirecturl fragment() ); const qstring paramname( "code" ); //or “id token” if( query hasqueryitem( paramname) ) { auto authorizationdata = query queryitemvalue( paramname ); //activate the license }uri query = new uri( redirecturl); string authorizationdata = httputility parsequerystring( myuri query ) get( "code" );//or “id token” if( !string isnullorempty( authorizationdata ) ) //activate the licenselet token = try licensemanager extractssotoken( from "redirect url", scheme "licensespring" // for integrity check ) then pass the authorizationdata value to the activation method it allows setting the customer account and specifying whether the authorization data is a code or a token auto license = licensemanager >activatelicense( authorizationdata );//customer account was set to configuration, authorizationdata is a code auto license = licensemanager >activatelicense( authorizationdata, “licensespring” );//customer account was not set to configuration, authorizationdata is a code auto license = licensemanager >activatelicense( authorizationdata, “licensespring”, false );//customer account was not set to configuration, authorizationdata is a tokenvar license = licensemanager activatelicense( authorizationdata );//customer account was set to configuration, authorizationdata is a code var license = licensemanager activatelicense( authorizationdata, “licensespring” );//customer account was not set to configuration, authorizationdata is a code var license = licensemanager activatelicense( authorizationdata, “licensespring”, false );//customer account was not set to configuration, authorizationdata is a tokentry manager activatelicense(ssotoken token) common errors this type of license activation can throw the same errors as a regular activation in addition, there are errors specific to single sign on ssoexception in case the customer was not found or sso is not enabled ssotokenexception in case the sso token is invalid or expired