What is Single Sign On (SSO) and how to implement it?

Single sign-on lets you authenticate your users in Rapidr through the accounts they already have in your application. This gives them a smoother experience by eliminating the need to log in separately to leave feedback.

You'll find Single Sign-On settings under Company settings. To understand Single Sign-On from a technical standpoint, visit our developer docs.

How Single Sign-On Works

Open the SSO settings under Company settings, and follow along with the steps.

  1. First, generate a Secret Key for your Rapidr account. 
    This can be done in your SSO settings. We'll generate a secret, pseudo-random key known only to your account's team members and our servers.

  2. Create a login redirect page on your website
    This could be your normal login page or a custom single sign-on page that redirects your authenticated users back to Rapidr with an SSO token. This is the page where we will send your users to log in if they aren't authenticated on Rapidr already. Add the Redirect URL in your SSO settings on Rapidr. 

  3. Authenticate the user by letting them log in to their account
    If the user is already logged in, you can skip this step.
  4. Send a request to your server to generate a Single Sign-On token
    Once the user is logged in, fetch an SSO token to authenticate them in Rapidr. Learn how to generate SSO tokens on your server by following our developer documentation.  
  5. Redirect them back to Rapidr
    When we send users to your application, we'll also include a redirect query parameter. This tells us where to send your users (to the exact page they were initially on) after they've been logged in. Learn more on how to receive the request query parameter and redirect your customers to the correct URL here.
  6. Include Feedback Portal link in your application
    Most of the time, you'd want to include the link to your Feedback Portal inside your application where users are already authenticated. Instead of linking directly to the URL, you can point to the Single Sign-On endpoint with their valid token. This helps in a seamless transition from your application to the feedback portal.

  7. Enable SSO
    Once all the setup is done, you have to enable SSO separately in Company settings. Please note: once SSO is enabled, we will disable all existing authentication mechanisms.
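
The server side of steps 4 to 6, as an added example that is not Rapidr's own code: it issues a short-lived signed token and follows the redirect query parameter only when it points back at the feedback portal. HS256 signing, the claim names, the `ssoToken` parameter name, and the portal host and endpoint are assumptions; take the real values from the developer documentation.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import urlencode, urlsplit

# Assumptions, not taken from Rapidr's docs: HS256 signing, the claim names,
# the "ssoToken" parameter, and the placeholder portal host and endpoint.
SECRET_KEY = b"constructed-example-secret"  # step 1 key; load from a secret store
PORTAL_HOST = "feedback.example.com"
SSO_ENDPOINT = f"https://{PORTAL_HOST}/sso"

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def _sign(signing_input: str, secret: bytes) -> str:
    return _b64url(hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest())

def make_sso_token(user: dict, secret: bytes = SECRET_KEY, ttl: int = 300, now=None) -> str:
    """Step 4: issue a short-lived signed token for an already authenticated user."""
    now = int(time.time()) if now is None else now
    claims = {"id": user["id"], "email": user["email"], "iat": now, "exp": now + ttl}
    parts = [{"alg": "HS256", "typ": "JWT"}, claims]
    signing_input = ".".join(_b64url(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    return f"{signing_input}.{_sign(signing_input, secret)}"

def verify_sso_token(token: str, secret: bytes = SECRET_KEY, now=None) -> dict:
    """Local check before go-live: signature first, then expiry."""
    signing_input, _, signature = token.rpartition(".")
    if not hmac.compare_digest(signature.encode(), _sign(signing_input, secret).encode()):
        raise ValueError("bad signature")
    payload = signing_input.split(".")[1]
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    if claims["exp"] <= (int(time.time()) if now is None else now):
        raise ValueError("token expired")
    return claims

def safe_redirect(redirect) -> str:
    """Step 5: follow `redirect` only if it is an https URL on the portal host."""
    try:
        parts = urlsplit(redirect or "")
    except ValueError:
        parts = None
    if parts and parts.scheme == "https" and parts.hostname == PORTAL_HOST:
        return redirect
    return f"https://{PORTAL_HOST}/"

def build_sso_url(user: dict, redirect) -> str:
    """Steps 5 and 6: the URL the browser is sent to after login."""
    query = {"ssoToken": make_sso_token(user), "redirect": safe_redirect(redirect)}
    return f"{SSO_ENDPOINT}?{urlencode(query)}"
```

Keep the Secret Key and token generation on your server; the browser should only ever see the finished URL.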

Debugging JSON Web Token

Use our debugger tool to test that the issued JWT is valid and Rapidr is able to decode it. Then, push it live to your users. 

If you have any questions or issues while setting this up, don't hesitate to reach out to us.