Skip to main content

Single sign-on (SSO)

Last updated: 13-Oct-2021
Rate this article:

Overview

Use this method to redirect and login users of the Channel Manager/Partner account automatically from your system into their CM/Partner account based on their email address. This method connects third-party systems with the 2Checkout Channel Manager/Partner Control Panel and enables your partners to seamlessly sign in to their Control Panel.

getPartnerSingleSignOn logs the partner users only into the Channel Manager account associated with your 2Checkout account. This method will not replicate the functionality of a full sign-in operation for users who partnered with multiple 2Checkout vendors and are leveraging connected partner accounts.

Requirements

This method requires you to set a specific partner using setPartner.

Parameters

Parameter Type/Description
sessionID Required (String)
  Session identifier, output of the Login method. An exception is thrown if the values are incorrect.
email Required (String)
  Channel Manager/Partner user account email address.
partnerCode Required (String)
  Unique partner identifier.
accessPage Required (String)
 

The specific Channel Manager / Partner control panel page you want the user to be redirected to.

Possible values:

You can use any URL in the Channel Manager/Partner Control Panel, including links to specific orders, subscriptions/licenses, and partner invoices.

validityTime Optional (Int)
  The time, in seconds, before the single sign-on URL returned by this method expires. By default, the URL expires after 10 seconds.
validationIP Optional (String)
  The IP address of the Channel Manager/Partner Control Panel user, required for security purposes. Can be an empty string or a valid IP, but cannot be NULL.

Response

Parameter Type/Description
Single sign-on URL String
 

The string is the complete single sign-on URL with a token to allow authentication into Channel Manager from external domains. Partner account users are logged in automatically to their Channel Manager accounts.

The URL can be used only once and only within the interval of time in which it's valid. Call this method again to generate a new single sign-on URL for a subsequent login action.

Request

<?php

require('PATH_TO_AUTH'); // Authentication example: https://knowledgecenter.2checkout.com/Integration/Channel_Manager_API/SOAP/02Authentication
require('PATH_TO_setPartner'); // setPartner example: https://knowledgecenter.2checkout.com/Integration/Channel_Manager_API/SOAP/06Reference/Partner/00Set_partner

$email = 'YOUR_PARTNER_EMAIL';
$partnerCode = 'YOUR_PARTNER_CODE';
$accessPage = 'YOUR_ACCESS_PAGE_URL';
$validityTime = VALIDITY_TIME;
$validationIP = 'VALIDATION_IP_ADDRESS';

try {
    $PartnerSingleSignon= $client-> getPartnerSingleSignOn ($sessionID, $email, $partnerCode , $accessPage, $validityTime, $validationIP);
} catch (SoapFault $e) {
    echo "SSO: " . $e->getMessage();
    exit;
}
var_dump ("SSO", $PartnerSingleSignon);

Errors

Error Description

INVALID_EMAIL

The email address is mandatory.

INVALID_EMAIL

Please specify a valid email address.

INVALID_PARTNER

The partner code is mandatory.

INVALID_PARTNER

Partner code provided is not associated to an active partner account.

INVALID_USER

Email address provided is not associated to a partner account user.

INVALID_URL

The page URL is mandatory.

INVALID_URL

The page URL provided is not valid.

INVALID_VALIDITY_TIME

Validity time needs to be a positive numeric value.

INTERNAL_ERROR

Cannot save security token. Please try again.

 

Rate this article:

Need help?

Do you have a question? If you didn’t find the answer you are looking for in our documentation, you can contact our Support teams for more information. If you have a technical issue or question, please contact us. We are happy to help.

Not yet a Verifone customer?

We’ll help you choose the right payment solution for your business, wherever you want to sell, in-person or online. Our team of experts will happily discuss your needs.

Verifone logo