Single sign-on (SSO)
Overview
Use this method to redirect and login users of the Channel Manager/Partner account automatically from your system into their CM/Partner account based on their email address. This method connects third-party systems with the 2Checkout Channel Manager/Partner Control Panel and enables your partners to seamlessly sign in to their Control Panel.
getPartnerSingleSignOn logs the partner users only into the Channel Manager account associated with your 2Checkout account. This method will not replicate the functionality of a full sign-in operation for users who partnered with multiple 2Checkout vendors and are leveraging connected partner accounts.
Requirements
This method requires you to set a specific partner using setPartner.
Parameters
| Parameter | Type/Description |
|---|---|
| sessionID | Required (String) |
| Session identifier, output of the Login method. An exception is thrown if the values are incorrect. | |
| Required (String) | |
| Channel Manager/Partner user account email address. | |
| partnerCode | Required (String) |
| Unique partner identifier. | |
| accessPage | Required (String) |
|
The specific Channel Manager / Partner control panel page you want the user to be redirected to. Possible values:
You can use any URL in the Channel Manager/Partner Control Panel, including links to specific orders, subscriptions/licenses, and partner invoices. |
|
| validityTime | Optional (Int) |
| The time, in seconds, before the single sign-on URL returned by this method expires. By default, the URL expires after 10 seconds. | |
| validationIP | Optional (String) |
| The IP address of the Channel Manager/Partner Control Panel user, required for security purposes. Can be an empty string or a valid IP, but cannot be NULL. |
Response
| Parameter | Type/Description |
|---|---|
| Single sign-on URL | String |
|
The string is the complete single sign-on URL with a token to allow authentication into Channel Manager from external domains. Partner account users are logged in automatically to their Channel Manager accounts. The URL can be used only once and only within the interval of time in which it's valid. Call this method again to generate a new single sign-on URL for a subsequent login action. |
Request
<?php
require('PATH_TO_AUTH'); // Authentication example: https://knowledgecenter.2checkout.com/Integration/Channel_Manager_API/SOAP/02Authentication
require('PATH_TO_setPartner'); // setPartner example: https://knowledgecenter.2checkout.com/Integration/Channel_Manager_API/SOAP/06Reference/Partner/00Set_partner
$email = 'YOUR_PARTNER_EMAIL';
$partnerCode = 'YOUR_PARTNER_CODE';
$accessPage = 'YOUR_ACCESS_PAGE_URL';
$validityTime = VALIDITY_TIME;
$validationIP = 'VALIDATION_IP_ADDRESS';
try {
$PartnerSingleSignon= $client-> getPartnerSingleSignOn ($sessionID, $email, $partnerCode , $accessPage, $validityTime, $validationIP);
} catch (SoapFault $e) {
echo "SSO: " . $e->getMessage();
exit;
}
var_dump ("SSO", $PartnerSingleSignon);
Errors
| Error | Description |
|---|---|
|
INVALID_EMAIL |
The email address is mandatory. |
|
INVALID_EMAIL |
Please specify a valid email address. |
|
INVALID_PARTNER |
The partner code is mandatory. |
|
INVALID_PARTNER |
Partner code provided is not associated to an active partner account. |
|
INVALID_USER |
Email address provided is not associated to a partner account user. |
|
INVALID_URL |
The page URL is mandatory. |
|
INVALID_URL |
The page URL provided is not valid. |
|
INVALID_VALIDITY_TIME |
Validity time needs to be a positive numeric value. |
|
INTERNAL_ERROR |
Cannot save security token. Please try again. |
