0

SSO Setup

If the SSO feature is activated on your account, ReachFive will manage the end-user’s cookie session.

When a user logs in, a session cookie is created on your ReachFive domain (youraccount.reach5.net). This allows the user to not having to log in again on a later visit, or when accessing another website linked to the same ReachFive account.

On your website, the state of the session must be checked before displaying the login UI. If a session is active, the user must be directly authenticated and the login UI bypassed.

With ReachFive’s authentication widget

If you are using our authentication widget, this process is implemented transparently:

// If a session is active, the widget will not be displayed, and the
// authentication process will be triggered with the specified auth parameters.
reach5('showAuth', {
  container: document.body,
  auth: {
    redirectUri: 'https://mydomain.com/login/callback'
  }
});

With a custom UI

If you are using a custom UI, you must explicitly check the session state (with getSsoData command) before displaying the UI.

If a session is active, you can use the loginFromSession command to authenticate the user.

var authOptions = {
    redirectUri: 'https://mydomain.com/login/callback'
};

reach5('getSsoData', function (err, session) {
    if (session.isAuthenticated) {
        // If a session is active, trigger the authentication process
        reach5('loginFromSession', authOptions, function (err) {
          console.error(err);
          document.getElementById("login-form").style.display = 'block';
        })
    } else {
      // If not, display the login form
      document.getElementById("login-form").style.display = 'block';
    }
});