Login

The ConsCent SSO service allows users to authenticate themselves on the ConsCent platform. This service supports both login and logout functionalities, which can be hosted by either ConsCent or the client.

CONSCENT LOGIN:

The code below implements the ConsCent Login System.

User Login

To prompt the user to log in, use the following code:

const csc = window._csc as any;
csc('login-with-redirect');

Check User Authentication Status

To check whether the user is logged in, use the following code:

const csc = window._csc;
// The listener receives the user ID when a user is logged in, or a falsy value otherwise
csc('add-auth-state-listener', (userId) => {
  if (userId) {
    console.log('User is logged in');
  } else {
    console.log('User is not logged in');
  }
});

Fetch User Details

To retrieve the logged-in user's details, use the following code:

const csc = window._csc;
csc('get-user-details', {
  successCallbackForUserDetails: async (userDetailsObject) => {
    console.log('Success callback received from ConsCent login', userDetailsObject);
  },
});

CLIENT LOGIN:

The SSO service utilizes a JWT (JSON Web Token) authorization code, generated upon successful login, to manage user authentication. This guide outlines the necessary steps to integrate the SSO service into your application, including endpoint details and usage examples.

Authorization Code (JWT)

Upon successful authentication, an authorization code in the form of a JWT is generated.

  • Signing Algorithm: RSA256

  • Public Key Requirement: To verify the JWT, share your public key with ConsCent in PEM (Privacy Enhanced Mail) format. The key must be 2048 bits.

interface AuthorizationCodeToken {
  iss: string; // client group ID
  sub: string; // user ID
  exp: number; // expiry date unix time
  iat: number; // issue date unix time
  jti: string; // session ID
  unq: string; // unique identifier for each authz_code (uuid v4 preferred)
  email?: string;
  phone?: string;
  name?: string;
}

Login and Logout Endpoint

  • URL: The client must share the Login and Logout URLs with the ConsCent team.

  • Functionality:

For Login: Redirects the user to the specified login page for authentication. Once authenticated, the service generates an authorization code and redirects the user to a URL specified in the redirectUrl query parameter.

For Logout: Redirects the user to the specified logout page and logs them out. The user is then redirected to a URL specified in the redirectUrl query parameter.

  • Required Parameters:

    • redirectUrl: Specifies the URL where the user should be redirected post-login.

    • clientId: Specifies the client’s unique identifier.

Example Requests:

*Login Request*

REDIRECT https://sso.host/login?redirectUrl=https://yourapp.com/home&clientId=client1

*Logout Request*

REDIRECT https://sso.host/logout?redirectUrl=https://yourapp.com/home&logoutFromAllDevices=false&clientId=client1

Example Response:

*After successful authentication, the user is redirected to*

REDIRECT https://yourapp.com/home?authorizationCode=AUTH_CODE

*After successful logout, the user is redirected to*

REDIRECT https://yourapp.com/home
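
Added example (not ConsCent's own code) for the client-hosted login flow above, written for Node.js: it signs the authorization code as a JWT and appends it to redirectUrl only after checking that URL against an allowlist. The allowlist, the 60-second lifetime, reading "RSA256" as the JWT alg value RS256, exp/iat in seconds, and all function names are assumptions; the key pair is generated inline for the demo.

```javascript
const crypto = require('node:crypto');

// Constructed demo key pair. In production, load your 2048-bit private key from a
// secret store and share only the PEM public key with ConsCent.
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Assumption: hosts you are willing to send an authorization code to (hypothetical allowlist).
const ALLOWED_REDIRECT_HOSTS = new Set(['yourapp.com']);

const b64url = (input) => Buffer.from(input).toString('base64url');

// Build and sign the AuthorizationCodeToken after the user has authenticated.
function mintAuthorizationCode(user, clientGroupId, sessionId, ttlSeconds = 60) {
  const iat = Math.floor(Date.now() / 1000);
  const payload = {
    iss: clientGroupId, sub: user.id, iat, exp: iat + ttlSeconds,
    jti: sessionId, unq: crypto.randomUUID(), // fresh UUID v4 per code
    ...(user.email && { email: user.email }),
  };
  const header = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const signingInput = `${header}.${b64url(JSON.stringify(payload))}`;
  const signature = crypto.sign('RSA-SHA256', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${signature.toString('base64url')}`;
}

// Append the code only to an https URL on an allowlisted host; otherwise return null
// so the caller can refuse the redirect instead of leaking the code.
function buildLoginRedirect(redirectUrl, authorizationCode) {
  let target;
  try { target = new URL(redirectUrl); } catch { return null; }
  if (target.protocol !== 'https:' || !ALLOWED_REDIRECT_HOSTS.has(target.hostname)) return null;
  target.searchParams.set('authorizationCode', authorizationCode);
  return target.toString();
}

// Local self-check against the public key you shared: returns the claims, or null
// when the algorithm, signature or expiry does not hold.
function verifyAuthorizationCode(token, publicKeyPem) {
  try {
    const [h, p, s] = token.split('.');
    if (!s || JSON.parse(Buffer.from(h, 'base64url')).alg !== 'RS256') return null;
    const ok = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), publicKeyPem, Buffer.from(s, 'base64url'));
    const claims = ok ? JSON.parse(Buffer.from(p, 'base64url')) : null;
    return claims && claims.exp > Date.now() / 1000 ? claims : null;
  } catch { return null; }
}
```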
