Single Sign On (SSO) Setup

Auto-login users into the community hub iframe hosted on your website for a friction-less user experience
Sesame supports Single-Sign-On as a way of auto-logging in users on the community hub iframe hosted on your website. At a high level, it works as follows:
  1. 1.
    The host website (your website) passing in the user's auth-token to the iframe as a url param in the src attribute.
  2. 2.
    The sesame server uses this auth-token to make a server-to-server API call to your server endpoint (which needs to be pre-configured in Sesame's settings tab).
  3. 3.
    This endpoint on your side verifies that the auth token is valid and if so returns back basic user info, which is used by the Sesame to create the user profile and auto-login the user
Here are the steps that need to be followed by you to set things up:
1/ Configure the User Profile URL on the Sesame Settings page
There needs to be an endpoint hosted on your servers that is used to authorize the user and return back basic profile information. This endpoint will be interacted with directly from Sesame servers. Set this URL in the Single Sign On (SSO) section in your Sesame Admin Portal.
Customer's User profile endpoint to complete SSO
2/ Add Sesame Community Hub (consumer facing) as an iFrame on your custom domain
Follow the instructions in Custom domain to iFrame the Sesame Community hub into your own website.
To get SSO to work, you just need to make 2 more changes:
  1. 1.
    Update the src attribute on your iframe to add additionak url param of sso=true
<iframe id="sesame-app" src="https://sesamelabs.xyz/sesame?sso=true" frameborder="0"></iframe>
  1. 2.
    Once the user logs into your website you need to pass the user's authToken to the iframe by appending it to the src attribute. This can be done with some code like this
const frame = document.getElementById('sesame-app');
const authToken = "<auth-token>";
if (frame) {
const separator = frame.src.includes('?') ? '&' : '?';
frame.src = frame.src + `${separator}authToken=${authToken}`;
} else {
console.error('Element with id "sesame-app" not found');
3/ Leverage our Community hub APIs to send us user events and reward users with credits/xp
Once the integration is complete, you can leverage our Community Hub APIs to send events and reward users with credits/xp using the user ID of the user in your DB (externalId)