Click or drag to resize

Single Sign On and Authentication

If you are implementing a single sign on feature between a school’s website or other application and My BackPack, you will need to authenticate users and link to the My BackPack landing page for the user, or, for more complex implementations, to one or more specific functional pages in My BackPack.

The basic user authentication process involves submitting the user name and password using the loginExt method from the UserManagementService to receive an authentication token. This token is then used in place of the user name and password for any further method calls during the user session, and is added to any linked My BackPack URL to identify the user, so you will want to keep track of it and keep it associated with the user session.

Authentication tokens expire after 5 minutes (a default which can be changed), but you can renew a token at any time up to 2 hours by using the renewToken method of UserManagementService. The timeout threshold is reset each time a call is made using the authentication token.

Note Note
The loginExt method may also return errors or warnings regarding the user password. See Password Management for important information about this part of the process so that you can provide logic to handle the various possible situations.

How To Implement Single Sign On

  1. Use the loginExt method from the UserManagementService to submit the user name and password as entered by the user.

  2. Upon a successful login, the web service returns an authentication token. (See Password Management for additional logic that may be required to handle login errors or warnings.)

  3. Use the authentication token as the authKey parameter for any further calls made during the user session, and add it to the My BackPack URL to link to the user’s landing page or specific My BackPack functions. See Deep Linking To My BackPack Functionality for the syntax and options for linking to the My BackPack pages.

  4. Use the renewToken method of UserManagementService as needed to renew the authentication token. You can use the checkAuthorizationKey method of UserManagementService to find out whether a token is still valid.

  5. If the user logs out of the school website or application, use the logout method of UserManagementService to also log the user out of My BackPack. This expires the authentication token so that it may no longer be used or renewed..

See Also