Single Sign On (SSO) Redirect From Central Desktop to Another 3rd Party Application
Central Desktop allows you to punch out to other 3rd party web applications giving the user a single sign on experience. This feature is available only to Company Plans and requires the Security Pack Add on.
SSO is achieved by Central Desktop by doing a FORM POST to the URL of your choosing.
How to Get Started:
- Sign up for the Security Pack Option
- Go to Company Setup -> Advanced Options
- Fill out the URL you want to the FORM POST to redirect to under the "Single Sign On Redirect URL" area.
- Create a hyperlink (typically in your navigation bar in Central Desktop) via the Application Style Template and link to: https://[yoursubdomain].centraldesktop.com/utils/sso/client_sso (it is HIGHLY recommended that you post to a HTTPS form - with SSL)
- Once you create the hyperlink in the Application Style Template you should be able to click on it and the be auto redirected to the URL you specified above.
The following fields will be passed in the FORM POST:
|
Parameter Name
|
Description
|
|
cd_guid
|
Central Desktop User GUID part 1. This "guid" is part 1 of the 2 factor authentication schema. This is a unique string that identifies the logged in user.
|
|
cd_alt_guid
|
Central Desktop User GUID part 2. This "guid" is part 2 of the 2 factor authentication schema. This is a unique string that identifies the logged in user.
Match cd_guid and cd_alt_guid in your own application to authenticate the user.
|
|
cd_client_reference_id
|
This field is populated by you via CD or the CD API. It can contain up to a 255 char string reference as a unique identifier into your system. (Optional use) There are four client reference ID fields that you can use at your discretion.
|
|
cd_client_reference_id_2
|
Field 2 - same description as above.
|
|
cd_client_reference_id_3
|
Field 3 - same description as above.
|
|
cd_client_reference_id_4
|
Field 4 - same description as above.
|
|
cd_username
|
Central Desktop Username of the logged in user.
|
|
cd_fullname
|
Full Name of the logged in user.
|
|
cd_email
|
Email Address of the logged in user.
|
|
cd_phone
|
Phone Number of the logged in user
|
The page that accepts these form parameters (your page, the one you are going to create), should use the cd_guid and cd_alt_guid parameters (and/or cd_client_reference_id) to perform the single sign on.
Optional Parameters:
When linking to this URL: https://[yoursubdomain].centraldesktop.com/utils/sso/client_sso
You can also add any additional GET parameters to this string that you like. These parameters will be automatically passed on in the FORM POST.
For example if you want to hard code a few links in the style template to redirect to various areas (deep link) of this 3rd party app you could link to something like:
https://[yoursubdomain].centraldesktop.com/utils/sso/client_sso?redirecturl=https://myapplication.com/helpdesk
This example will pass on the "redirecturl" parameter in the form post, such that you can perform the authentication and then further redirect the user to the appropriate area of the 3rd party application.
