Set up single sign-on (SSO)

BriteCore provides single sign-on (SSO) solutions, so you and your users can log in to your system or website, and access the BriteCore system without having to log in separately.

Set up SSO

To set up single sign-on:

  1. Configure your website to pass along user credentials to BriteCore.
  2. Retrieve username and password combinations.
  3. Generate encrypted password, token, or encrypted username using one of the following hash methods:
    • mojoPortal
    • token-jwt
    • remote-passwordless-login-portal
  4. Complete the remoteLogin call, where:
    1. The username value equals the username or the encrypted username.
    2. The password value equals the encrypted password, the token, or it’s omitted.
    3. The hashmethod value equals mojoporatl, token-jwt, or remote-passwordless-login-portal.

See Figure 1.

Figure 1: Example of the remoteLogin call.

 

Hash method options

In the remoteLogin call, you will be prompted to input a hash method parameter. The hash method you input will inform BriteCore on how users’ information is encrypted, which will allow BriteCore to accurately verify user credentials. Using a hash method provides an extra layer of security, as the credentials are scrambled, converted into a token, or converted into a new username before the credentials are hashed with MD5 or SHA1.

  • mojoPortal: This method converts passwords to 2-byte unicode byte strings. If you choose to use this method, in the remoteLogin call, type mojoportal for the hash method value.
  • token-jwt: This method uses a token in place of a password to authenticate a user. If you choose to use this method, in the remoteLogin call, type token-jwt for the hash method value.
  • remote-passwordless-login-portal: This encryption method only requires the username value to be sent in the POST request. With this method, the username is encrypted using a secret key. This secret key is only shared between you and BriteCore. If you choose to use this method, in remoteLogin call, type remote-passwordless-login-portal for the hash method value.