most excelent the least possible in some cases SSO is required for IT compliance.
Cloud SSO
CloudCard can implement SSO in the Cloud for most major identity providers . However, there are an associated implementation and annual service fees.On-Premises SSO
Because CloudCard uses a stateless, token-based authentication protocol, implementing SSO on premises is relatively trivial. In most cases, CloudCard can provide an authentication connector for your organization to host on-premise.
Displayed to the right is a simplified diagram of how a CloudCard SSO Auth Connector works. The authentication connector is highlighted in red. The exact implementation of a connector (i.e. PHP, JavaScript, ColdFusion, Java) depends on the customer's preferences.
Below an example of a connector is displayed in pseudocode to further explain the process.
Code Block | ||||
---|---|---|---|---|
| ||||
/**
* This connector should run on the server - NOT in a webpage
* or any other client-side technology.
*/
const CLOUDCARD_API_ACCESS_TOKEN // CloudCard provides this
// cardholder data
var cardholder = {
email : "",
cardholderIDNumber: "" //optional; but highly recommended
customFields : { //optional
customField1 : "",
customField2 : "",
...
customFieldN : ""
}
}
/**
* This function loads cardholder data from the session,
* a database, LDAP, or wherever is most convenient.
*/
function loadCardholderData () {
// this is written by the customer
}
/*** EVERYTHING BELOW THIS LINE IS ALREADY ***/
/*** WRITTEN AND PROVIDED BY CLOUDCARD ***/
/**
* sends a POST request to CloudCard to request access for
* the cardholder.
*/
function getLoginLink(var cardHolder) {
// see Developer Docs: https://sharptop.atlassian.net/wiki/spaces/CCD/pages/74088466/Generate+a+login+link+for+a+user
}
var loginLink = getLoginLink (cardHolder)
// Finally redirect the user to the URL or return the URL
// to the view to be presented to the cardholder as a link
return loginLink; |