SSO issue

Diogo Thomaz shared this question 3 months ago
Answered

Hello,

We are using YF's REST API to implement SSO so users login to our Application and the tokens for logging in to YF are automatically created.

Also, when a new company registers, a client org is created and a user is created and added to the client org.

This works fine.

However the embedded reports on our application, that use the credentials created during user creation, are not working. Only once we open a session in the YF platform, directly from our application, can we go back to the pages in our application and see embedded reports.

We found that if in the Yellowfin DB table iprltshp, in the record where ipchild is the ipid of the user we log in in Aquanetix, and in the column rltshptypecode it says STAFFMEMBER instead of what appears to be the default for the users you create that is MEMBER, then the embedded reports work fine. But the users created have by default, in this column, MEMBER.

Does anyone know how we can register the user in a way that by default we have STAFFMEMBER in this column?

Thank you in advance,

Diogo

Comments (7)

photo
1

Hi Diogo,

You might want to try approaching this in a slightly different way and avoid changing records in the relationship database - something we don't recommend for any end user.

There are 2 ways you can log in users:


If you are passing the token with the JSApi loading string, you need to also pass the client org you want to log into. So


Http://yfurl/JsAPI/v3?token=token&clientOrg=clientOrg


There is a task to fix this, it has been an issue in the JSApi since its inception (v2 and v3 use the same token auth code). Ideally it should use the code that logon.i4 uses but for now the client org has to be specified to the jsapi.


The other way you can do it is hitting the logon.i4 end point using an Ajax request, which will create the session cookie and then after that Ajax request returns, you can then load the JSApi and you shouldn't need to pass a token.

Hopefully that gets you to where you need to be, but don't hesitate if you need any additional assistance.

Kind regards,

Chris

photo
1

Hi Diogo,

Hope you are well.

Just following up on this one to see if you need any additional assistance.

Let me know.

Kind regards,

Chris

photo
1

Hi Chris,

I have been trying to solve this using the JsApi we are currently using JsApiv2, but i don't know which token should i pass in JsApi loading string.

Is it any of the tokens used in the REST Api(access-token or login-token) or do i have to generate this token in javascript?

Thank you in advance,

Diogo

photo
1

Hi Diogo,

Apologies I wasn't clear on this, it should be the login token.

Kind regards,

Chris

photo
1

Hi Diogo,

Hope you're having a good week. Were you able to resolve your issue with the tokens?

Kind regards,

Chris

photo
1

Hello Chris,

Yes i have resolved the issue with the tokens.

Thank you for your assistance with this matter.

Diogo

photo
1

Hi Diogo,

That's great to hear! Enjoy the rest of your week.

Kind regards,

Chris