Difference between revisions of "WHMCS Single Sign-On Developer Guide"

From WHMCS Documentation

(Created page with "WHMCS Single Sign-on allows trusted applications and third parties to authenticate users into a WHMCS installation automatically, without the user having to re-authenticate....")
(No difference)

Revision as of 00:02, 6 December 2015

WHMCS Single Sign-on allows trusted applications and third parties to authenticate users into a WHMCS installation automatically, without the user having to re-authenticate.

Our Single Sign-On implementation is based on the popular and widely used OAuth 2.0 authorization framework which outlines a secure workflow for accessing user data while protecting their account credentials.

Single Sign-on Workflow

Here's how the process works.

  1. The application requests an access token by sending its credentials to the OAuth Token API Endpoint
  2. If the application credentials check out, the WHMCS auth server will return an access token to the application
  3. The application then redirects the user to the Single Sign-On API Endpoint passing in the token and desired destination (scope)
  4. The user is authenticated and redirected to the requested destination.

Performing Single Sign-On requires an OAuth Credential Set with the single sign-on grant type.

Supported Destinations

Scope Name Destination
clientarea:profile My Details