Creating an SSO User via Webservice

Owned by Raymond Cascella (DLC) (Unlicensed)
Last updated: May 05, 2022 by Scott Hoppe
2 min read

After Creating a user via web service, there is an additional step to connect an account to an SSO service. The user account must be mapped to the 3rd-party authentication provider.

The required values for creating or updating the mapping are the EthosCE user ID (UID), the external identity provider's user ID (authname), and the authentication service name. The authentication service name may vary per customer, and can be provided by a Product Specialist. In the example below, customers using SAML SSO, have a value of simplesamlphp_auth.

Sending an authmap creation request

<?php // #1 Verify the mapping does not exist by sending a GET request to the system, searching by uid $curl = curl_init("http://your-domain.com/authmap.json?uid=300"); curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'GET'); curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: application/json")); curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($curl, CURLOPT_USERPWD, "restws_webservice:webservice_password"); //Your credentials goes here curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE); $json = curl_exec($curl); $response = json_decode($json); // A list of users matching criteria will be returned. If this list is empty, a user does not have an associated mapping value. $list = $response->list; // #2 Send the creation request, via POST if (empty($list)) { $authmap = array( "uid" => 300, "authname" => "ethosce_authname", "module" => "simplesamlphp_auth", ); $curl = curl_init("http://your-domain.com/authmap"); curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'POST'); curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: application/json")); curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($curl, CURLOPT_USERPWD, "restws_webservice:webservice_password"); //Your credentials goes here curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($authmap)); $json = curl_exec($curl); // An array detailing the new user entity is returned if successful $authmapInfo = json_decode($json);

Successful Return

A  successful return will provide an array detailing the new authmap record information.

Return Attributes

id: The authentication ID key tracked by the database.

uri: The unique URI used to view or update the resource

resource: The entity type created

{"uri":"http://www.domain.com/authmap/1","id":"1","resource":"authmap"}