External Authentication
External authentication enables customers to employ their own authentication provider in any location
and works with both cloud and OnPremise installations.
As long as you can host a simple web page or http accessible service that integrates your provider
and you can support code that makes a simple secure http request to Integrify, it is easy to set up.
Integrify can provide you with simple examples as a starting point.
Our cloud OAuth-based workflow is as follows:
- User browses to https://yourcompany.integrify.com.
- Integrify responds with a unique session token and triggers the user's browser to redirect or make an ajax call to your hosted authentication service. (i.e. https://auth.yourcompany.com?token=1d774198f68b4988be829ca65129d208&redirect=http://yourcompany.integrify.com)
- Once the user is authenticated by your provider, the hosted service makes a secure http request or handshake to https:/yourcompany.integrify.com/access/impersonate?request-token=true&key={your_key}&user={a_valid_user_name}&token={token_from_above}, passing the token generated by Integrify in step 1 and a user name that matches the Integrify user's user name.
- The authentication service then responds with a callback or redirects the user's browser back to the value of the redirect parameter passed by Integrify in step 1. https://yourcompany.integrify.com, completing the authorization process and granting the user access to Integrify.
- No passwords are passed to Integrify. The provider, not the user, controls the information passed to Integrify.