Dashboard API Single Sign On
Note
This functionality is available from v2.9.0. If you have an older version please using the admin api
The Dashboard SSO API allows you to implement custom authentication schemes for the Dashboard and Portal. Our Tyk Identity Broker (TIB) internally also uses this API.
Generate authentication token
The Dashboard exposes the /api/sso
Dashboard API which allows you to generate a temporary authentication token, valid for 60 seconds.
You should provide JSON payload with the following data:
ForSection
- scope with possible values of"dashboard"
or"portal"
only.OrgID
- organisation idEmailAddress
- user emailGroupID
- user group id ( it is the mongo id and you can can find it in the url when opening a user group via Tyk- Dashboard UI or if you call Tyk-Dashboard REST API/api/usergroups
)
Property | Description |
---|---|
Resource URL | /api/sso |
Method | POST |
Body | {"ForSection":"<scope>", "OrgID": "<org-id>", "EmailAddress": "<email-address>", "GroupID": "<user-group-id>"} |
Sample Request
POST /api/sso HTTP/1.1
Host: localhost:3000
authorization:7a7b140f-2480-4d5a-4e78-24049e3ba7f8
{
"ForSection": "dashboard",
"OrgID": "588b4f0bb275ff0001cc7471",
"EmailAddress": "[email protected]",
"GroupID": ""
}
Sample Response:
{"Status":"OK","Message":"SSO Nonce created","Meta":"YTNiOGUzZjctYWZkYi00OTNhLTYwODItZTAzMDI3MjM0OTEw"}
See Single Sign On documentation for how to use this token and more details.