Authorization API

Endpoint is /sso/ttapi/2.0/authz/0/authn.
Function exchanges a valid SSO Token acquired via authentication at SSOCircle to an long lived authorization token used for API access.

Request(POST)
Parameters Type Value Description
grant_type Request parameter urn:ssocircle:api:sessiontoken or password the type of credentials submitted in the password parameter
username Request parameter <userid>@<identifier>
<identifier>:
for public IDP is ssocircle
for IDPee is <idpeename>
sample username for user max in IDPee mycompany would be: max@mycompany.
Parameter only required for password grant type.
password Request parameter password/token string valid SSO session token or password
scope Request parameter SAML optional

Table 2

Sample request for urn:ssocircle:api:sessiontoken grant type:

POST https://idp.ssocircle.com/sso/ttapi/2.0/authz/0/authn HTTP/1.1
Host: idp.ssocircle.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Authorization: Bearer nN42C7bQnqzeTZi11fhPWd6cUwOwA17uq+ol5OyIT2o7888xiIMi3udG61j+3PfrUpmOe2adK+5
Ql3L1oK056w==
Content-Type: application/json; charset=UTF-8
Content-Length: 246

grant_type=urn:ssocircle:api:sessiontoken&scope=SAML&password=
AQIC5wM2LY4Sfcy3ifL8vGYbzixe7rETt20fYIq3ZD3Or0s.*AAJTSQACMDIAAlNLABM4NTU1NzIwMDc5NjE3NDA1NjIxAAJTMQTZMDM.*

Sample request for password grant type:
POST https://idp.ssocircle.com/sso/ttapi/2.0/authz/0/authn
Host: idp.ssocircle.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Authorization: Bearer nN42C7bQnqzeTZi11fhPWd6cUwOwA17uq+ol5OyIT2o7888xiIMi3udG61j+3PfrUpmOe2adK+5
Ql3L1oK056w==
Content-Type: application/json; charset=UTF-8
Content-Length: 92

grant_type=password&scope=SAML&username=youruser@ssocircle&password=yourpw

Response
Parameters Type Value Description
access_token JSON Authorization token used for API requests Access token is valid for length of subscription or manual removal
error JSON Error string e.g. invalid_grant
error_description JSON Error description
HTTP Return Codes
200 request successful
400 error as specified in the error description

Table 3

Sample response:

200 OK
Server: "SSOCircle Web Server"
Date: Thu, 03 Apr 2014 13:47:20 GMT
Content-Length: 126
Content-Type: application/json;charset=UTF-8
Set-Cookie: SSOCTT=tT1e26d10e92aafd858a6ddb19097abea4b1246a577f7788885fb0ad505ee20e39e418c352108e
772a353e4f13670072b1d3ed1ba8bc5afdaf7973824228444df1351981daa024ba8b3e0eecafe3c00739e; Path=/

{"access_token":"nN42C7bQnqzeTZi11fhPWd6cUwOwTifuq+ol5OyIT2o7LABxiIMi3udG61j+3PfrUpmOe2adK+5Ql3L1oK056w=="}

latest technology

SSO Check your Partners

Test your SAML Service Provider for configuration and implementation errors.

Use our verification service on an ongoing bases and get the SSOChecked Seal.

Single password

Hosted Identity Provider

Use our free public IDP or the white label IDPee for your organization or corporate.

Be sure to get a quote if you are interested in getting one of our products.

write a mail

Contact Us

Interested in our services?

Contact us by sending a mail to info[at]ssocircle[dot]net, or by using our contact form.