Innovato SSO Documentation
SSO SDK
<script src="https://staging-dtr.iits.website/InnovatoSSO/public/js/dtr-sso.js"></script>Overview
Innovato SSO (Single Sign-On) is a secure authentication service that allows users to access multiple Innovato applications with a single set of credentials.
Getting Started
Prerequisites
- Client ID and Client Secret from Innovato SSO service
- HTTPS enabled endpoint for redirect URI
- Compatible with OAuth 2.0
Integration Guide
Backend Implementation
Required server-side controller to handle SSO authentication:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Models\User;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;
class SSOController extends Controller
{
private $validClientId;
public function __construct()
{
$this->validClientId = env('VITE_SSO_CLIENT_ID');
}
public function login(Request $request)
{
try {
// Validate incoming request
$request->validate([
'email' => 'required|email',
'name' => 'required|string',
'client_id' => 'required|string'
]);
// Client ID verification
if ($request->client_id !== $this->validClientId) {
return response()->json(['message' => 'Invalid client ID'], 401);
}
// User lookup or creation
$user = User::firstOrCreate(
['email' => $request->email],
[
'name' => $request->name,
'password' => Hash::make(Str::random(16)),
'role' => 'user'
]
);
// Token generation
$token = $user->createToken('sso-token')->plainTextToken;
return response()->json([
'token' => $token,
'user' => $user,
'message' => $user->wasRecentlyCreated
? 'Account created and logged in successfully'
: 'Logged in successfully'
]);
} catch (\Exception $e) {
return response()->json([
'message' => 'Authentication failed',
'error' => $e->getMessage()
], 500);
}
}
Client-Side Implementation
Below is an example of how to implement SSO login on the client side using the
Innovato SDK.
const handleSSOLogin = async () => {
try {
// Retrieve client ID and redirect URI from environment variables
const clientId = import.meta.env.VITE_SSO_CLIENT_ID;
const sso = new window.InnovatoSDK.SSO({
clientId: clientId,
redirectUri: import.meta.env.VITE_API_URL,
});
console.log(sso, 'hello');
// Perform SSO login
const ssoUser = await sso.login();
console.log("SSO Login Response:", ssoUser);
try {
// Send SSO user data to your backend for further processing
const response = await axios.post("/api/sso-login", {
email: ssoUser.email,
name: ssoUser.name,
client_id: clientId,
});
// If authentication is successful, set the token and redirect
if (response.data.token) {
axios.defaults.headers.common[
"Authorization"
] = `Bearer ${response.data.token}`;
auth.setUser(response.data.user, response.data.token);
// Redirect to dashboard for all users
router.push("/admin/dashboard");
}
} catch (error) {
console.error("Authentication error:", error);
submitStatus.value = {
type: "error",
message:
error.response?.data?.message || "Authentication failed",
};
}
} catch (error) {
console.error("SSO Login failed:", error);
submitStatus.value = {
type: "error",
message: error.message || "SSO login failed",
};
}
};
This code handles the SSO login process, including error handling and
redirection after successful authentication.
Employee Login
SSO Login Button Implementation
Add this button component to your login page for SSO integration.
<!-- SSO Login Button -->
<div class="p-8 mb-8 bg-white rounded-xl shadow-lg dark:bg-gray-800">
<div class="text-center">
<h2 class="mb-4 text-2xl font-bold dark:text-gray-200">Employee Login</h2>
<button
@click="handleSSOLogin"
class="inline-flex gap-2 items-center px-6 py-3 font-semibold text-white bg-gray-800 rounded-lg transition-all duration-300 hover:bg-gray-900 focus:outline-none focus:ring-2 focus:ring-gray-500 focus:ring-offset-2 dark:bg-gray-700 dark:hover:bg-gray-600"
>
<svg class="w-5 h-5" viewBox="0 0 24 24" fill="currentColor">
<path d="M12.24 10.285V14.4h6.806c-.275 1.765-2.056 5.174-6.806 5.174-4.095 0-7.439-3.389-7.439-7.574s3.345-7.574 7.439-7.574c2.33 0 3.891.989 4.785 1.849l3.254-3.138C18.189 1.186 15.479 0 12.24 0c-6.635 0-12 5.365-12 12s5.365 12 12 12c6.926 0 11.52-4.869 11.52-11.726 0-.788-.085-1.39-.189-1.989H12.24z"/>
</svg>
Sign in with SSO
</button>
</div>
API Reference
Authentication Endpoints
POST /api/sso/login
Authenticate user and return access token
Support
For technical support or questions, please contact: support@innovato.com
SSO Implementation Guide
1. Environment Configuration
Add these variables to your .env file:
VITE_SSO_CLIENT_ID=your_client_id
VITE_SSO_REDIRECT_URI=https://yourdomain.com/sso/callback
VITE_API_URL=https://yourdomain.com/api2. Frontend Setup
Create a new component at resources/js/components/SSOLogin.vue:
// SSO Login Component
export default {
methods: {
async handleSSOLogin() {
try {
const sso = new InnovatoSDK.SSO({
clientId: import.meta.env.VITE_SSO_CLIENT_ID,
redirectUri: import.meta.env.VITE_SSO_REDIRECT_URI
});
const user = await sso.login();
await this.handleAuthResponse(user);
} catch (error) {
this.showError(error);
}
}
}
}3. Backend Setup
Add these routes to routes/web.php:
Route::post('/sso/login', [SSOController::class, 'login']);
Route::get('/sso/callback', [SSOController::class, 'handleCallback']);Security Requirements
- Enable HTTPS on production
- Validate client ID on server-side
- Store tokens securely (HttpOnly cookies recommended)
- Implement rate limiting (5 attempts/minute)
UI Customization
Customize the login button by modifying these CSS classes:
<button class="[custom-bg-color] [custom-text-color]
hover:[hover-state] focus:[focus-state]">
<!-- Custom icon or text -->
</button>Common Errors
401 Invalid Client ID - Verify environment
variables
403 CSRF Mismatch - Check session configuration
500 Authentication Failed - Validate user model
Technology Stack
Backend Technologies
- 🛡️ Laravel 10 - PHP framework core
- 🔑 Laravel Sanctum - API token management
- ️ MySQL 8 - Relational database
- 🔄 Eloquent ORM - Database management
- 🔒 OpenSSL - Encryption/Decryption
Frontend Technologies
- ⚡ Vue.js 3 - Reactive UI components
- 🎨 Tailwind CSS 3 - Utility-first styling Inertia.js - Server-client communication
- 🛠️ Innovato SDK - SSO client library
- 📦 Axios - HTTP client
Infrastructure
- ☁️ Docker - Containerization
- 🔗 Nginx - Web server
- 📡 Redis - Session caching
- 🛡️ Cloudflare - DNS & Security
- 📊 Prometheus - Monitoring
Security Components
- 🔐 OAuth 2.0 - Authorization framework
- 🔄 JWT - Token validation
- 🛡️ CORS - Cross-origin protection
- 📈 Rate Limiting - 5 requests/minute
- 🔍 CSRF Protection - Form validation
System Requirements
- PHP ≥8.2 with OpenSSL extension
- Node.js ≥18.x & npm ≥9.x
- Composer ≥2.5
- MySQL ≥8.0 or MariaDB ≥10.6
- Vite ≥4.0 build system
SDK Integration
1. Install SDK
Add the SDK script tag to your main layout file:
<!-- In head section of resources/views/layouts/app.blade.php -->
<script src="https://staging-dtr.iits.website/InnovatoSSO/public/js/dtr-sso.js"></script>2. Initialize SDK
Initialize the SDK in your application entry point:
// In resources/js/app.js
window.innovatoSSO = new InnovatoSSO({
clientId: import.meta.env.VITE_SSO_CLIENT_ID,
redirectUri: import.meta.env.VITE_SSO_REDIRECT_URI,
debug: import.meta.env.DEBUG === 'true'
});3. Core Methods
// Login
innovatoSSO.login().then(user => {
console.log('Authenticated user:', user);
});
// Logout
innovatoSSO.logout();
// Check authentication status
const isAuthenticated = innovatoSSO.isLoggedIn();SDK Versions
- Current: 2.1.4
- Minimum Required: 2.0.0
- CDN URL:
https://staging-dtr.iits.website/InnovatoSSO/public/js/dtr-sso.js