Single Sign On (SSO)
# Single Sign On (SSO)
# API Declaration
The "token" param must be contained in the header of the https request when calling the API.
Token is the only global API call credential for the Sobot API open platform. It is used when developers call the business APIs and thus should be properly kept. At least 32 chars should be reserved to store token. The validity period of token is currently 24 hours. It needs to be refreshed regularly or reacquired according to the token failure prompt returned by the API. When requesting the token API, regardless of the existence of token, a new token will be returned and its expiry time will be reset (currently 24 hours).
Token usage description:
- Developers need to obtain and manage the token uniformly. When calling the Sobot open APIs of various business, they should use the same token, instead of refreshing and obtaining new tokens for each business. Otherwise, it will easily lead to token invalidation and affect the normal API call.
- The current validity period of the token is transmitted by the returned expire_in, which is currently a value within 86,400 s. Developers need to refresh the new token in advance based on this valid time.
- Developers should reacquire the token according to the token invalidation prompt returned by the API.
# API Call
# ● Get the Access Token Code
API description:
Get the open API token, which is only applicable to all APIs of Sobot Open Platform v5.0. Contact Sobot after-sales personnel to get the params appid and app_key in API.
Request method:
GET
Request URL:
https://sg.sobot.io/api/get_token
Request param:
| Param | Type | Required | Description |
|---|---|---|---|
| appid | String | Yes | The 3rd-party user's unique API call credential ID |
| create_time | String | Yes | Timestamp (s), e.g.: timestamp 1569397773 for 2019-09-25 15:49:33 |
| sign | String | Yes | Signature, which is md5(appid+create_time+app_key) sign signature; app_key is a key |
Return param:
| Param | Type | Required | Description |
|---|---|---|---|
| ret_code | String | Yes | Return code |
| ret_msg | String | Yes | Return message |
| item | Object | No | Return object |
item object:
| Param | Type | Required | Description |
|---|---|---|---|
| token | String | Yes | token code |
| expires_in | String | Yes | Credential valid time |
Timestamp conversion tool:
https://www.unixtimestamp.com/
sign signature generation example:
E.g., appid = "1"; create_time="1569397773"; app_key="2"
sign = Md5("115693977732") is 258eec3118705112b2c53dc8043d4d34.
Request example:
curl https://sg.sobot.io/api/get_token?appid=1&create_time=1569397773&sign=258eec3118705112b2c53dc8043d4d34
Return example:
{
"item": {
"token": "4ac37cb2e9c740dba4b75a34d5358802",
"expires_in": "86400"
},
"ret_code": "000000",
"ret_msg": "Success"
}
2
3
4
5
6
7
8
# ● SSO
API description:
API type: Active call API
API function: You can call this API to get a temporary URL. By accessing this URL, you can directly enter the Sobot backend of an account, thus implementing the SSO business.
Request method: POST
Request URL:
https(http)://sg.sobot.io/api/public/sso/5/login_url
Note: The login link returned by using the https request is based on the https protocol. The login link returned by using the http request is based on the http protocol
Request param:
| Param | Type | Required | Description |
|---|---|---|---|
| agent_email | String | Yes | Agent Email |
| type | String | No | Login page, 2: livechat workbench, 3: call workbench, 4: new Sobot admin backend, 5: agent workbench. If the param is not passed, the returned page link is the Sobot admin backend page |
| status | Integer | No | Login status, 1: online, 2: occupied |
| redirect_url | String | No | The path to the page you want to access can be obtained by logging into the system backend and obtaining in the URL in the browser;If not passed, the returned page link is the Sobot admin backend page;When it exists with type, priority is given to the requirements for URL path for passing the parameters of type 1. Only support URL of the new version of console; 2. Only support URL of ticket center and live chat agent product line; 3. Only support URL of management workbench. Not support URL of livechat workbench and call workbench; |
| enable_menu | String | No | Whether to retain left product column of Sobot 1-Yes, 2-No, 1 by default |
| logout_url | String | No | After the user logs out, the interface will redirect to the URL page. If it is not passed, it will redirect to the Sobot login page |
Return param:
| Param | Type | Required | Description |
|---|---|---|---|
| ret_code | String | Yes | Return code |
| ret_msg | String | Yes | Return message |
| item | Object | Yes | Return object |
Item object:
| Param | Type | Required | Description |
|---|---|---|---|
| url | String | Yes | Jump URL |
Request example:
curl https(http)://sg.sobot.io/api/public/sso/5/login_url
-X POST
-H 'content-type: application/json'
-H 'token: 4ac37cb2e9c740dba4b75a34d5358802'
-d '
{
"agent_email": "xiaoming@sobot.io",
"type": "1",
"status": 1
}'
2
3
4
5
6
7
8
9
10
Return example:
{
"item": {
"url": "https://sg.sobot.io/console/openAPI/login/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiIxODUwMDM5NTY2OEAxNjMuY29tIiwiZXhwIjoxNTczMjcxMTc2fQ.__nZg_aekTGUwz7qoz_Cw7bIF9sQ66ughijr1FLsX9c"
},
"ret_code": "000000",
"ret_msg": "Success"
}
2
3
4
5
6
7