Single sign-on (SSO)
The single sign-on (SSO) feature of the Paybis API lets your authenticated customers avoid logging in again in the Widget application.
Prerequisites
Receive confirmation from your Paybis integration manager that the Single Sign-On (SSO) feature has been enabled for your partner account before starting to use this feature. This is done during the onboarding process.
Partner should sign requests
Single sign-on (SSO) flow for Private and Public APIs
- Check that the user has an active session on your website.
- Call the Private API endpoint POST /Private Request OR the Public API endpoint POST /Public Request with the passwordless flag set to true and the partnerUserId parameter (both are required), and with email as an optional parameter.
- The Paybis system generates a oneTimeToken and returns it, along with the requestId, in the POST /Private Request OR POST /Public Request endpoint response.
  Note: If email is not provided, the system will establish a relationship using the partnerUserId and validate it against a valid oneTimeToken.
- Pass the retrieved oneTimeToken as an extra SDK parameter upon widget initialization, or in query parameters if you are using the Direct URL Integration.
- If the supplied oneTimeToken is valid, the customer is automatically logged in to the widget: the email verification step is skipped in the Widget journey.

The oneTimeToken expires after 15 min.
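The partner-side checks around this flow, as an added example that is not Paybis code: it builds the request fields only for an active session, then releases the returned oneTimeToken to the widget only within the 15 min window. The function names, the session object shape, the flat field layout and the single-use handling are assumptions; the signed HTTP call itself is left out because this page does not specify it.

```javascript
// Added example (not Paybis code). Assumed: the session object shape, flat
// request fields, and single use of the token (inferred from its name).
const TOKEN_TTL_MS = 15 * 60 * 1000; // page: oneTimeToken expiration is 15 min

// Before the call: fields for POST /Private Request or POST /Public Request.
function buildSsoRequestFields(session) {
  // Step 1 of the flow: the user must have an active session on your site.
  if (!session || session.active !== true || !session.userId) {
    throw new Error("no active session: refusing to request a oneTimeToken");
  }
  // Take partnerUserId from the server-side session, never from browser input,
  // so a customer cannot obtain a token bound to someone else's id.
  const fields = { passwordless: true, partnerUserId: String(session.userId) };
  if (session.email) fields.email = session.email; // optional per the page
  return fields;
}

// After the call: keep the token with its deadline and the user it belongs to.
function recordGrant(response, session, nowMs) {
  if (!response || !response.oneTimeToken || !response.requestId) {
    throw new Error("response lacks oneTimeToken or requestId");
  }
  return {
    requestId: response.requestId,
    oneTimeToken: response.oneTimeToken,
    partnerUserId: String(session.userId),
    expiresAt: nowMs + TOKEN_TTL_MS,
    used: false,
  };
}

// At widget initialization: release the token once, to its owner, in time.
function takeTokenForWidget(grant, session, nowMs) {
  if (!session || session.active !== true) throw new Error("session ended");
  if (String(session.userId) !== grant.partnerUserId) throw new Error("wrong user");
  if (grant.used) throw new Error("oneTimeToken already handed out");
  if (nowMs >= grant.expiresAt) throw new Error("oneTimeToken expired");
  grant.used = true;
  return grant.oneTimeToken;
}
```

Keep the token out of application logs and analytics, since anyone holding it within the window is logged in to the widget as that customer.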