Using Asi's Single Sign On iPart

In Service Pack F - 20.2.64.8730 a new iPart was introduced to support Single Sign-On. This article will demonstrate the iPart using two free tools RequestBin and Postman.

Once you understand how to use the iPart with these tools, you will be able to use this iPart to implement a Single Sign On strategy for your 3rd party websites/web applications.

First let’s setup the RequestBin endpoint, which will mimic a 3rd Party endpoint to accept post requests from iMIS.

RequestBin Setup

  1. Navigate to https://requestb.in

  2. Prove you are not a robot

  3. Click Create a request bin

  4. You should see a page like this:

  1. Copy the Bin Url in Notepad then navigate to the iMIS Staff site

iMIS Client Application Setup

  1. In the iMIS Staff site, go to Rise -> Maintenance -> Client Applications

  2. Fill out the form using the RequestBin url for the value "Login redirect URL" and create values for the rest of the fields

  1. Click Save

iMIS Content Record Setup

  1. Add a new content record to iMIS

  2. Add the new Single Sign On iPart to the content record

  1. Select the client application that was setup earlier

  1. Click Ok, then Save and Publish (Below is an example of the configured record)

Mimic a 3rd party application requesting a refresh token from iMIS

  1. Navigate to the content record, in this demo the url is http://member.org/Shared_Content/AsiSingleSignOnDemo.aspx

  2. The browser should redirect to https://requestb.in

  1. Add the following query string to the end of the Url: ?inspect

  1. Find the post response and copy the refresh_token value from the raw body. (in this demo it is 2101be8000394ac2b54733cb85faf389 )

Mimic a 3rd party application requesting the logged in iMIS user and an iMIS api access token

  1. Open Postman and create a POST request to the iMIS Token endpoint

  1. Click send and review the response

  1. Copy the access_token value from the Postman response and create a GET request from the iMIS api endpoint using Postman:

(The Authorization header value needs the value "Bearer " in front of the pasted in access token)

This post has shown how to use the new Single Sign On iPart by mimicking a 3rd party website / web application using RequestBin and Postman.