This server-only method returns a single sign-on token that can be used in client-side POST requests to automatically log a user into the system. It also creates a logged-in session and provides a nonce and routing id, which can be passed together in a URL. It is intended for the case where a web site external to Luminate Online® has authenticated the site visitor and wants to direct the user's browser to the Luminate Online® system and have them automatically logged in. The external web server, after verifying the identity of the visitor, calls this API method to get a nonce and routing id that will log the user into the Luminate Online® system when sent by the visitor's browser in a subsequent HTTP request. To log in to the Luminate Online® system and visit most pages, the nonce and routing id need only be presented one time to connect to the logged-in session. However, if other API methods are used during the visit, the single sign-on token should be included as a POST parameter in all API requests to verify that the API methods are being called from a trusted source.
Client Servlet | Server Servlet | HTTP Methods Supported | Requires Authentication |
---|---|---|---|
None. | SRConsAPI | POST | Yes. |
https://secure2.convio.net/organization/site/SRConsAPI?method=getSingleSignOnToken&api_key=value&login_name=value&login_password=value&v=value[&center_id=value][&response_format=xml|json][&source=value][&sub_source=value][&suppress_response_codes=value][&cons_id=value][&member_id=value]
This server-only method returns tokens that can be passed in client-side POST requests to log a user authenticated by a third-party server into the Luminate Online® system. It is to be used in the case where a web site external to Luminate Online® has authenticated the site visitor and wants either to direct the user's browser to the Luminate Online® system and have them automatically logged in, or to access client APIs in the context of an authenticated user session. The server calling this method should not include any session cookie or session ID in the request. If a session cookie or session ID is included in the request, the existing session will be immediately destroyed.
This method must be invoked over a secure channel by a host system that is recognized by the Luminate Online® server in its approved IP Allow List, and must stipulate a valid cons_id or member_id.
See topic Common Parameters.
cons_id: Optional. The Luminate Online® constituent ID for the user on whose behalf the token is requested. Although each parameter is optional on its own, either a unique cons_id or a unique member_id parameter must be supplied in order for the call to succeed.
Type xsd:nonNegativeInteger.
member_id: Optional. The client's unique member ID, as recorded in the Luminate Online® constituent database, for the user on whose behalf the token is requested. Although each parameter is optional on its own, either a unique cons_id or a unique member_id parameter must be supplied in order for the call to succeed.
Type xsd:string.
See topic HTTP Status Codes.
XML response
<?xml version="1.0" encoding="UTF-8"?>
<getSingleSignOnTokenResponse xsi:schemaLocation="http://convio.com/crm/v1.0 http://service.convio.net/xmlschema/crm.public.v1.xsd" xmlns="http://convio.com/crm/v1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<token>5F8p37tMzmB9qfjoXd9i2nkb_INrxXfa8wL7rbpSQkm5gwEgRQV5F6YmJwfKbIIgbHbeqaJcGNLWGdJqrxegrw..</token>
<cons_id>1000543</cons_id>
<nonce>42FF6B3EDC682E2FB63415EC76C9885F</nonce>
<JSESSIONID>AS348AF929FK219CKA9FK3B79870H.host1</JSESSIONID>
<routing_id>00000000.app02c</routing_id>
</getSingleSignOnTokenResponse>
JSON response
{"getSingleSignOnTokenResponse":{"JSESSIONID":"AS348AF929FK219CKA9FK3B79870H.host1","routing_id":"00000000.app02c","nonce":"42FF6B3EDC682E2FB63415EC76C9885F","token":"5F8p37tMzmB9qfjoXd9i2nkb_INrxXfa8wL7rbpSQkm5gwEgRQV5F6YmJwfKbIIgbHbeqaJcGNLWGdJqrxegrw..","cons_id":"1000543"}}
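The server-side call described above, sketched as an added example (not code from this documentation or from the Luminate Online® product): it enforces the documented preconditions before sending anything and keeps the returned secrets out of log output. The names `SsoGrant`, `build_request`, `parse_response` and `request_sso_grant` are hypothetical, the caller supplies the `v` value, and it is an assumption that the API accepts these parameters form-encoded in the POST body.

```python
import json
import urllib.parse
import urllib.request
from dataclasses import dataclass, field

# URL from the syntax line above; "organization" stands for the site's own path segment.
ENDPOINT = "https://secure2.convio.net/organization/site/SRConsAPI"

@dataclass(frozen=True)
class SsoGrant:
    cons_id: str
    routing_id: str
    # Bearer-style secrets: kept out of repr() so they do not end up in logs.
    token: str = field(repr=False)
    nonce: str = field(repr=False)
    jsessionid: str = field(repr=False)

def build_request(api_key, login_name, login_password, v, *, cons_id=None,
                  member_id=None, endpoint=ENDPOINT):
    if urllib.parse.urlsplit(endpoint).scheme != "https":
        raise ValueError("getSingleSignOnToken must be called over a secure channel")
    if cons_id is None and member_id is None:
        raise ValueError("either cons_id or member_id must be supplied")
    params = {"method": "getSingleSignOnToken", "api_key": api_key, "v": v,
              "login_name": login_name, "login_password": login_password,
              "response_format": "json"}
    if cons_id is not None:
        if int(cons_id) < 0:  # documented type: xsd:nonNegativeInteger
            raise ValueError("cons_id must be a non-negative integer")
        params["cons_id"] = str(int(cons_id))
    if member_id is not None:
        params["member_id"] = str(member_id)
    # Assumption: parameters are accepted form-encoded in the POST body, which
    # keeps the API credentials out of URLs and therefore out of access logs.
    body = urllib.parse.urlencode(params).encode("ascii")
    return urllib.request.Request(endpoint, data=body, method="POST")

def parse_response(raw):
    inner = json.loads(raw).get("getSingleSignOnTokenResponse")
    if not isinstance(inner, dict):
        raise ValueError("response has no getSingleSignOnTokenResponse object")
    return SsoGrant(cons_id=inner["cons_id"], routing_id=inner["routing_id"],
                    token=inner["token"], nonce=inner["nonce"],
                    jsessionid=inner["JSESSIONID"])

def request_sso_grant(req, timeout=10):
    # A bare opener has no cookie handler, so no session cookie or ID is sent.
    with urllib.request.build_opener().open(req, timeout=timeout) as resp:
        return parse_response(resp.read())
```

`request_sso_grant(build_request(...))` only succeeds from a host on the approved IP Allow List; `build_request` and `parse_response` can be exercised offline against the sample JSON response shown above.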