Difference between revisions of "WHMCS Single Sign-On"
(→FAQ) |
(→Supported Integrations) |
||
| (2 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| + | __NOTOC__ | ||
WHMCS Single Sign-on allows trusted applications and third parties to authenticate users into a WHMCS installation automatically, without the user having to re-authenticate. | WHMCS Single Sign-on allows trusted applications and third parties to authenticate users into a WHMCS installation automatically, without the user having to re-authenticate. | ||
| − | + | ||
| − | ==Supported Applications== | + | Users are redirected to a specific WHMCS client area destination based on a single-use access token acquired by your trusted system. |
| − | + | ==Supported Integrations== | |
| + | You can leverage WHMCS SSO via the following methods: | ||
| + | ===API=== | ||
| + | The [https://developers.whmcs.com/api-reference/createssotoken/ CreateSsoToken API] allows you to script your own token generation, on demand, and is a powerful way to provide redirection from one secure system you operate into WHMCS. | ||
| + | |||
| + | ===Supported Applications=== | ||
| + | Applications rely on under-the-hood mechanisms using an existing trust between your WHMCS and a remote client resource to provide seamless login from the resource into WHMCS. | ||
| + | |||
The following applications are known to support and integrate WHMCS Single Sign-On: | The following applications are known to support and integrate WHMCS Single Sign-On: | ||
| − | + | ||
| − | * cPanel & WHM 54 and later | + | * [[CPanel_Single_Sign-On|cPanel & WHM 54 and later]] |
==FAQ== | ==FAQ== | ||
| − | + | ||
'''Q. What if my customer doesn't want Single Sign-On?'''<br /> | '''Q. What if my customer doesn't want Single Sign-On?'''<br /> | ||
| − | A client area security setting means end users are in complete control of whether or not Single Sign-On is allowed for their client account. They can enable/disable it at any time simply via the ''Account > Security Settings'' section of the client area. | + | A. A client area security setting means end users are in complete control of whether or not Single Sign-On is allowed for their client account. They can enable/disable it at any time simply via the ''Account > Security Settings'' section of the client area. |
| − | + | ||
'''Q. How secure is it?'''<br /> | '''Q. How secure is it?'''<br /> | ||
A. Our Single Sign-On implementation is based on the popular and widely used OAuth 2.0 authorization framework which outlines a secure workflow for accessing user data while protecting their account credentials. | A. Our Single Sign-On implementation is based on the popular and widely used OAuth 2.0 authorization framework which outlines a secure workflow for accessing user data while protecting their account credentials. | ||
| − | + | ||
'''Q. I'm a developer, how can I use it?'''<br /> | '''Q. I'm a developer, how can I use it?'''<br /> | ||
A. Developers should refer to our [[WHMCS Single Sign-On Developer Guide]] for technical information. | A. Developers should refer to our [[WHMCS Single Sign-On Developer Guide]] for technical information. | ||
Latest revision as of 15:22, 8 October 2020
WHMCS Single Sign-on allows trusted applications and third parties to authenticate users into a WHMCS installation automatically, without the user having to re-authenticate.
Users are redirected to a specific WHMCS client area destination based on a single-use access token acquired by your trusted system.
Supported Integrations
You can leverage WHMCS SSO via the following methods:
API
The CreateSsoToken API allows you to script your own token generation, on demand, and is a powerful way to provide redirection from one secure system you operate into WHMCS.
Supported Applications
Applications rely on under-the-hood mechanisms using an existing trust between your WHMCS and a remote client resource to provide seamless login from the resource into WHMCS.
The following applications are known to support and integrate WHMCS Single Sign-On:
FAQ
Q. What if my customer doesn't want Single Sign-On?
A. A client area security setting means end users are in complete control of whether or not Single Sign-On is allowed for their client account. They can enable/disable it at any time simply via the Account > Security Settings section of the client area.
Q. How secure is it?
A. Our Single Sign-On implementation is based on the popular and widely used OAuth 2.0 authorization framework which outlines a secure workflow for accessing user data while protecting their account credentials.
Q. I'm a developer, how can I use it?
A. Developers should refer to our WHMCS Single Sign-On Developer Guide for technical information.