Page History
...
The purpose of the Bridge is to match this username with an existing user in Yellowfin and perform a Single Sign-On (SSO) into Yellowfin as that user. Very rarely there will be a password available from the third-party source. The LOGINUSERNOPASSWORD web service will allow for the Bridge to log in a user using only their Username. Alternatively, LOGINUSER can be used to log the user with a password.
...
Sometimes there will be a need to auto-create the users if they do not yet exist in Yellowfin. This might require using additional information to create the user, like email address, first and last name, etc. which should be sourced from the third-party authentication source. The Bridge can use the GETUSER or VALIDATEUSER web service function to determine if a user exists in Yellowfin or not and the ADDUSER web service call to create a user. If bulk user creation option is required, ADDUSERS ADDUSERS web service function can be called.
Part of the Bridge process may also be to modify the user's Yellowfin role or group membership as part of the login process. If Yellowfin is integrated with a product where access to different content may change, it may be required to update this group membership during the login process. This would require sourcing information from the third-party source about what groups a user should be added to/removed from. The UPDATEUSER web service call will allow a user’s role to be modified and the INCLUDEUSERINGROUP / EXCLUDEUSERFROMGROUP EXCLUDEUSERFROMGROUP web service calls can be used to add/remove from groups that determine what Yellowfin content they can access.
...
Expand | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||
This service connects to Yellowfin and retrieves a login token for a given user which is defined by user ID (such as an email address or any other ID depending on the Login ID method). When this token is passed with the Yellowfin Login URL, it will disable the login screen for the authenticated users and their session will start immediately. For example, if admin@yellowfin.com.au is a web service admin user, the request should be this:
Redirecting to Yellowfin with the Login TokenUsing the token received from the web service call (the contents of AdministrationResponse.LoginSessionId), you can forward the user to the URL:
This URL will bypass the authentication screen in Yellowfin and take the user directly into Yellowfin.
Using the token with the JavaScript APIThe SSO token can also be used with embedded JavaScript API widgets. The token is added to the scriptlet URL like this:
Complete ExampleYou can use the following LOGINUSER example. To try it out, follow these steps;
|
...