- Get Started
- Guides
- Integrations
- References
- API Reference
- Basic Payment
- Forex
- Authentication
- Card Account
- Apple Pay
- Virtual Account
- Bank Account
- Token Account
- Customer
- Billing Address
- Merchant Billing Address
- Shipping Address
- Merchant Shipping Address
- Merchant
- Corporate
- Recipient
- Marketplace & Cart
- Airline
- Lodging
- Passenger
- Tokenization
- Recurring Migration
- 3D Secure
- Custom Parameters
- Async Payments
- Webhook notifications
- Job
- Risk
- Response Parameters
- Card On File
- Chargeback
- Result Codes
- Payment Methods
- Transaction Flows
- Regression Testing
- Data Retention Policy
- API Reference
- Support
Single Sign On FAQ
Last updated:October 29, 2024
We are excited to announce the upcoming launch of the new version of our Single Sign-On (SSO) service. This migration guide is specifically for customers with their own applications using our SSO. Follow the steps below to ensure a smooth transition.
Updated Endpoints
Please update your application to use the following new endpoints:- Authentication
- From:
/authentication/v1/authenticate
- To:
/sso/v2/authorize
- Token Management
- From:
/authentication/v1/tokens
- To:
/sso/v2/token
- User Information
- From:
/authentication/v1/users
- To:
/sso/v2/userinfo
- Logout
- From:
/authentication/v1/logout
- To:
/sso/v2/logout
- Session Tracker
- From:
/authentication/v1/sessionTracker/oasm.js
- To:
/sso/sessionTracker/oasm.js
Authorization Request Parameters
When making an authorization request to/sso/v2/authorize
, please include the following parameters:
- scope: Specifies the access privileges. For OpenID Connect, use:
openid
: Indicates the use of the OpenID Connect protocol to verify the user’s identityprofile
: Requests additional profile information such as name and preferred_username (email).
- login_hint: (Recommended) Customizes the login prompt UI based on the CSS/JS styling set up at the indicated entity id.
Scope Parameter: Use space-separated values (e.g.,
Consent Requirement: Users must consent during login if the
scope=openid profile
) to request OpenID Connect
and profile information.
Consent Requirement: Users must consent during login if the
profile
scope requests Personal Identifiable Information like
name and username (email).
User Info Response Parameters
When making a user information request to/sso/v2/userinfo
, please note the change in the attached_to
response
parameter:
- Previous Format:
{ "attached_to":[ { "id":"/PSPName", "type":"[name: PSP, value: 0]" }, { "path":"/PSPName/DivisionName/MerchantName", "type":"[name: Merchant, value: 0]" } ] }
- Updated Format:
{ "attached_to":[ { "path":"/PSPName", "level":"PSP", "entityId":"[entity id]" }, { "path":"/PSPName/DivisionName/MerchantName", "level":"MERCHANT", "entityId":"[entity id]" } ] }