Single Sign On

Stormboard's Single Sign On flow allows any user to easily log into Stormboard from an external product without having to remember their username and password at Stormboard. However, this requires some management and intervention on the part of the external product.

SSO Flow

Retrieve SSO Token

You must first have created a Stormboard user, and have a valid authentication method to the API. Once you have a valid user, use the /users/ssotoken endpoint to retrieve an expiring SSO Token.

An SSO Token has a lifespan of 1 hour. After this time has elapsed, the token will cease to function and you will need to retrieve a new token.

Use SSO Token

Once you have a valid token, append the token to any url you are attempting to access on Stormboard following the example below. Replace "TOKEN" with the token you received in the previous step.

Stormboard will first attempt to create a session for the user, using the token and then based on that user's abilities continue on to the requested area of Stormboard.