Single Sign-On (SSO)

Seamlessly authenticate and identify your customers.

Single sign-on helps you to seamlessly authenticate your users via their existing accounts on your application. This provides an endearing experience for your users by eliminating the need to log in to leave feedback.

In this guide, we'll give you a detailed guide on how you can authenticate and identify your existing customers on UserVitals.

A quick overview of how it works

Enable SSO to connect with existing user accounts in your app

Store your private key on your server and don't share it

  • On your server, generate an SSO token for your authenticated user. Ideally, you want to do this on every page your SSO token is used.

  • Setup a redirect URL with the JWT token and hyperlink it to your button or link.

  • When the user visits the link, we will decode the token and authenticate the user.

Setup

1. Install a JWT library

Node.JS
Go
PHP
Python
Ruby
Node.JS
npm install --save jsonwebtoken
Go
go get github.com/dgrijalva/jwt-go
PHP
composer require firebase/php-jwt
Python
pip install PyJWT
Ruby
sudo gem install jwt

2. Generate a JWT token for your customer

Node.JS
Go
PHP
Python
Ruby
Node.JS
const jwt = require('jsonwebtoken');
const PRIVATE_KEY = 'Your Private Key';
function createJWT(user) {
const data = {
// User's email address (required)
email: user.email,
// User's display name (required)
name: user.name,
}
return jwt.sign(data, PRIVATE_KEY, { algorithm: 'HS256' });
}
Go
import (
"github.com/dgrijalva/jwt-go"
)
const PrivateKey = 'Your Private Key';
func createJWT(user map[string]interface{}) (string, error) {
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
"email": user["email"],
"name": user["name"],
})
return token.SignedString([]byte(PrivateKey));
}
PHP
use \Firebase\JWT\JWT;
const PrivateKey = 'Your Private Key';
function createJWT($user) {
$userData = [
'email' => $user['email'],
'name' => $user['name'],
];
return JWT::encode($userData, PrivateKey, 'HS256');
}
Python
import jwt
private_key = 'Your Private Key'
def createJWT(user):
user_data = {
'email': user.email,
'name': user.name,
}
return jwt.encode(user_data, private_key, algorithm='HS256')
Ruby
require 'jwt'
PrivateKey = 'Your Private Key'
def createJWT(user)
userData = {
email: user.email,
name: user.name
}
JWT.encode(userData, PrivateKey, 'HS256')
end

3. Setup a feedback portal URL

Include a UserVitals roadmap link directly in your application

When an SSO token has been generated for the user, redirect them back to UserVitals, or link this URL to a button to take the user to the feedback portal.

https://api.uservitalshq.com/sso?token=${ssoToken}&subdomain=${subdomain}&redirect=${portalUrl}

Query Params to include

The token query param included in the URL should hold the generated SSO Token. (required)

The subdomain query param should hold your team's subdomain. (required)

The redirect query param holds the URL where the user needs to be sent back to after successful login. (optional)