This guide will tell you how to set up an application group that can be used by a group of SSO applications. The use case here is that two SSO applications A and B belonging to the same application group want to share tokens (i.e. Token generated by application A can be passed to application B, and application B can use the token by identifying itself as the calling application)
Setting Up the application group and adding applications
Creating an Application group
You must be logged into URS as a URS Admin in order to access these pages.
Creating Applications and adding to the group
You must be logged into URS as a URS Admin in order to access these pages.
Application ‘A’ generates a oauth token with value: HGJFKDAS for user 'urs_user', in the normal way by exchanging the authorization code for a token.
Application A can use its token in one of two ways to retrieve the user profile for ‘urs_user’
GET /api/users/urs_user?client_id=ABCD Authorization: Bearer HGJFKDAS |
GET /api/users/urs_user?calling_application=ABCD Authorization: Bearer HGJFKDAS |
Application B can use Application A’s token to retrieve user profile for ‘urs_user’
GET /api/users/urs_user?client_id=ABCD Authorization: Bearer HGJFKDAS |
GET /api/users/urs_user?calling_application=XYZ Authorization: Bearer HGJFKDAS |
**calling_application parameter will be deprecated in future EDL releases. It is being maintained for backwards compatibility currently.