16
Single Sign On
Idea shared by FlexWS - 5/15/2015 at 3:04 AM
Planned
SmarterTrack seems to offer a SSO option.
 
Is it possible to create a SSO option for SmarterMail so we can route a user to their Inbox directly from another system?

17 Replies

Reply to Thread
0
I thought that there was an option for this.. Bummer :(
So I voted for it!
3
I'm guessing since SmarterMail 16x. will be completely API driven, it will need to have SSO capabilities for security purposes.
 
Everything will be exposed to and driven by the API, so the initial connection will require authentication with the SM user account db. Then you will get a token, key, or something to be used for further calls so the user doesn't have to keep entering their password (and you don't have to save it, creating a vulnerability).
 
Once you have this token, you should be able to route the user to their Inbox or do whatever you want. Again, this is just my take on things. ST would need to confirm.
1
Well... this was what I shooting for....
https://portal.smartertools.com/community/a88244/single-signon-credentials-between-smail-strack-.aspx
 
What we have discovered, is you can do an authorization from website X to smartertrak; but the user has to already be in SmaterTrak...  AND unfortunately  you have zero fighting chance to sync passwords and userids.... because encryption may/may not be the same.   
 
I had asked in another forum if there would be a way to force-set our user's password from a central point.. using an API... so that is the direction that we are going to go....    So the user would signon to our platform  A....  and then we will push their password and/or userid to SmarterTrak AND password to SmarterMail.... Thats the only way to sync.  The problem comes in, user changes their password at one place or the other... you have no way to know.
4
Just wondering if this is on the list for SM16. Hoping someone from ST can comment. Thanks!
0
Any update?
1
This is very much needed. Prior to SM allowed users to login via the API but now that is not possible in SM16. Why make such a major change without notifying your customers?
0
I haven't tested it yet, but I see there is an API to SM16.
Also, i  **think** that there was an initial issue with login process, if you had a custom login in routine.. and I believe that has been fixed...
 
What would be great is if  ST(Smarter Trak 13) could use same user/name password as SM16.
They have provided a work-around; but we are still trying to get that tested.
 
 
 
1
Could we get an update from this? Really need this for our portal.
GearHost.com
1
We had our portal custom coded to allow login by postmaster and end-users with v. 15. v16 broke this. Here is the reply from ST from July 2017:
From: Sales Department
Sent: Thu, 20 Jul 2017 08:14:22 -0700
To: xxxxxxxxxxxxxxxxxxxxxx
Subject: xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
"If they are trying to make their own API calls, they don't actually want the auto login script. Instead, they should follow the documentation on Authentication. This should be done by using the Authorize Bearer tokens they get from authorizing and putting that Authorization header in the API calls."
 
I also learned that when using auto login, the script does need to be hosted on the same domain, which could be why you were experiencing trouble with this. Let me know of any concerns or follow up questions! 
 
I look forward to your reply,
 
That was a **major** blow to us since this functionality is required by the way our portal was coded. I will continue to harp this issue since I find it rather stupid that "the script does need to be hosted on the same domain" just does not work in real-world scenarios.
Matthew J. Sine, General Manager8Dweb LLC "Making the Web a Happy Place"
0
Well for sure, it is a pain in the arse.. because I have SM users, I want to send over to our own STrak.  AND .. just in the case you are pointing out.. they certainly not coming from the same domain...  I don't understand why generating a simple login in API or script... can be that difficult.
<sigh>  ..off my soap box.
 
 
1
I would hope ST would at least acknowledge this post. Just tell us if this is even a possibility.
GearHost.com
1
Employee Replied
Employee Post
At this time we are doing a large audit of feature requests and working to consolidate a list so we can prioritize items. Single Sign On is a feature we plan to implement. At this time, however, I do not have an expected release date for this functionality. 
0
We use the .net silent log on and it works just ok. We use Google SSO for everything else and the SAML was easy to integrate using firebase. SmarterTrack is the LAST app we need to get SSO on.
2
Jay, could you elaborate on the .net silent log on?  Just not sure what that is or how it works.

Does v17 (I know it's not called that :) have a feature like v15 that you can use the API to authenticate a user, but not actual take them into the web interface?

Would be nice to use SM to authenticate the user for Intranet, then provide a 1-click logon to their email, without having to store the password and submit it on a form.

Thanks,
Kevin
1
Kevin,

The silent log in the ST shared cookie model. You can use the External Providers options to manage user auth if needed. 

For us, we use SAML in to our app (for employees) and then bounce them in to ST mgt interface.
Customers use a custom portal and we pull in tickets and KB's from the database and then use the API for create and update ticket.
0
Employee Replied
Employee Post
Kevin, you can use the Authentication API in SmarterTools to accomplish what you want.  The retrieve-login-token API method returns the auth token and also a URL that can be used to log in.  The documentation is found in Sys Admin > Settings > API Documentation > Authentication.
0
@Robert Emmett with the Authentication API in SmarterTools you mention allow an auto token for Smarter Track as well?

Reply to Thread