Creating your own Single Sign On (SSO)

The advantages of Single Sign On include increased security and usability. LeadDesk has support for SSO using Microsoft Office 365 and Google Worksapce available through apps on the LeadApp store.  If your SSO system is not covered by these, you can build your own integration using RestAPI.

Using the API to generate a master login token allows you to log in to LeadDesk with a specific user ID without the user having to type their login and password. This effectively allows you to build your own single sign-on tool – use the API to get the login token for a user and post it to the log in page to log the user in directly.

This process uses the RestAPI. For full documentation, start here.

This function is not automatically available, contact the Support team if you need to use it.

Step 1 Get the token

First you need to get the login token from RestAPI. Request it from GET /users/{id}/login_token address. You need to be admin or have scope login-token:generate permission to do so.

The response will be a short-lived login token in the format:

{
   "token": "eyJhbGciOiJIUzU...HFCHu7E2uP5kGVEAbiE6SaQ",
   "expires": "2018-08-17T11:50:58+03:00"
}

Note that the token value in this example has been shortened for readability on the page. The actual value will be a much longer string.

Step 2 Use the token

Having generated the login token, we next need to post it to the LeadDesk login page. The login-token parameter’s value here should match the token value we just generated. Again, the login-token value in this example has been shortened for readability.

   curl -X POST -d login-token=eyJhbGciOiJIUzU...HFCHu7E2uP5kGVEAbiE6SaQ https://login.leaddesk.com/

Note that you can post the same token multiple times, as long as the token is valid, but that the login token will only be valid for one minute.