In order to authenticate users on your desk.com support portal, you have to pass multipass (encoded data)which is generated with user’s information.
- First of all you need to build user data using the following attributes that contains user information at your system.
Unique string of the user. This is the unique identifier of the user in your system, such as their guid or auto incremented id.
Multipass expiration date in ISO 8601 format. This is for security purposes to expire the hash after a given period of time.
Absolute URL to redirect the user after successful login. If this is not supplied, users are either redirected to the original page they were viewing/attempting to view on your portal, or they are redirected to your portal's home.
Customer's email address
The custom customer field identified by key
Example of user information:
$user_data = array( 'uid' => '123abc', 'customer_email' => 'email@example.com', 'customer_name' => 'Test User', 'expires' => date("c", strtotime("+5 minutes")) );
- After that, generate multipass token using PHP SSO SDK from desk.com
In order to get multipass and signature, you need to pass in the user data (user data obtained in step 1), subdomain variable (which is provided by desk.com) and API_key (which is provided by desk.com) into the above PHP SDK.
Desks PHP SDK (mentioned above) will generate a multipass as well as signature. Multipass contains user data in the encoded format which is secured. Signature is required to ensure that the received multipass is indeed coming from you (basically from your master system) and data is not tampered with.
- At Last, append the generated multipass and signature to the following desk.com URL query parameters which will perform the Single Sign on with Desk.com and redirect the user to this URL.
MULTIPASS: Add multipass generated in step 2
SIGNATURE: Add signature generated in steps 2.
For more details about Desk.com multipass SSO visit: http://dev.desk.com/guides/sso/