<aside> ℹ️
This is a legacy SSO flow. For new integrations, see 1.1d Register and login user via OIDC [preferred]
</aside>
To register and to log in a user follows an identical flow.
sequenceDiagram
participant User as User browser
participant P_Caf as Partner CafPlan webserver
participant O_Bik as myo2o Biker webserver
participant O_API as o2o API server
participant P_API as Partner API
User->>P_Caf: 1. User requests CafPlan page with link to myo2o Biker
P_Caf->>User: Webserver creates token & adds token to myo2o link
User->>+O_Bik: 2. User clicks myo2o Biker link with token
O_Bik-->>+O_API: 3. GET o2oCheckAccess( token )
O_API-->>+P_API: 4. GET UserProfile( token )
P_API-->>-O_API: Person Profile data
opt Create new biker account?
O_API-->>O_API: 5. Register Person
end
O_API-->>-O_Bik: PersonID
O_Bik-->>O_Bik: 6. Log in Person
O_Bik->>-User: Return Biker home page
Note right of User: User is logged in and sees myo2o Biker homepage
Partner creates a link in his Cafetaria Plan tool, with this URL structure:
https://{{myo2o_Webserver}}/api/sso?partnerId={{o2o_FlexPartnerId}}&userToken={{partner_UserToken}}
where
myo2o_Webserver: see belowo2o_FlexPartnerID: a unique ID, identifying you as a FlexPartner. Supplied by o2o.partner_UserToken: the token you have created. No specific logic is expected here: we will not decode this token. It will only be used to be sent back to you to query the Person data related to the user requesting a registration or login.User browser sends this request to myo2o Biker webserver:
GET https://{{myo2o_Webserver}}/api/sso?partnerId={{o2o_FlexPartnerId}}&userToken={{partner_UserToken}}
Success
If successful, the user will be redirected to the myo2o Biker tool, where his account is created and logged in.