SSO URLs

/SsoUrls/

HTTP POST Service Account + Impersonation

Creates a Single Sign On (SSO) URL to VOCUS that contains an expiring security token asserting a user account's identity. This URL allows login to VOCUS without requiring the user to enter credentials.

All other login policies are still enforced both during the request to create the URL and the request that uses the URL. For example, a request to create a URL for an inactive account will fail when the request is made. If the account is active when the request is made, but deactivated before the URL is used, the account will be prevented from logging in when the URL is used.

The security token in the URL is governed by VOCUS' ExternalAppToApp authorization policy:

Tokens expire within 4 hours.
Tokens are reusable.
Tokens allow the user to select the "remember me" option if allowed by domain settings.
Users must still satisfy a 2FA requirement if present.

In addition, all tokens are revoked when a user is logged out from all devices ("logout everywhere"). This occurs when a user explicitly requests it, an administrator performs the logout on their behalf, or the account's password is changed.

Requests must be made by a service account impersonating a user account.

Input

Field	Type	Constraints	Detail
applicationName	String	Required	Supported Values: Platform FlightRisk Sms Training The impersonated account must have access to the application.

Sample Payload

        // create a URL to the default VOCUS homepage
        var payload = {
            applicationName: "Platform"
        };

Output

See HTTP Response Codes

HTTP Status	Data
201

API Version 14.1.9203.25249