SSO

This feature is available on the Scale plan. View all plans

You can easily authenticate users on your portal with your existing system by implementing a simple endpoint that generates a JWT and redirects back to Productlane.

1. Activate SSO

   Head to the SSO settings and activate SSO by specifying the URL of the endpoint you plan on using. This will generate the JWT secret, please note it down. It won’t be shown again.

2. Implement token endpoint

   import jwt from "jsonwebtoken"
   
   import { NextApiRequest, NextApiResponse } from "next"
   
   export default function handler(
   	req: NextApiRequest,
   	res: NextApiResponse,
   ) {
       // replace with your "getSession"
   	const session = { email: "[email protected]", name: "Raphael" }
   	const token = jwt.sign(
   		{
   			email: session.email,
   			name: session.name,
         		// optional
   			imageUrl: "",
         		// optional, in minutes
         		tokenValidity: 15
   		},
   		"pl_sso_...",
   	)
   
       const redirect = req.query.redirect ? "&redirect=" + req.query.redirect : ""
       // custom domain example
       res.redirect("https://support.example.com/api/portal/sso?token=" + token + redirect)
       // subdomain example
       // res.redirect("https://example.productlane.com/api/portal/sso?token=" + token + redirect)
   }

3. Enable SSO

   If your endpoint is ready, enable the SSO switch in the SSO settings. This will start routing traffic to your endpoint, so make sure it’s ready.

Redirect

Productlane automatically passes a redirect parameter to your endpoint when a user tries to access a specific page before logging in. Forward it in your redirect to send users back to where they came from.

// Forward the redirect param so users land on the page they originally visitedconst redirect = req.query.redirect 
res.redirect(
    `https://example.productlane.com/api/portal/sso?token=${token}${redirect ? `&redirect=${redirect}` : ''}`
)