Speaking Partners will provide a customer ID and an API Key that will need to be used when making requests for
SSO. The customer will provide a link or HTTP GET request passing in all the parameters including the
calculated hash code. The hash is compared to verify against spoofing, and the timestamp is reviewed to
make sure the link is still accessible. If everything matches, the student will be signed in and taken to
their home page. If the link has expired, the hash doesn’t match, the username doesn’t exist, or another
error occurs in our system, they will be taken to a generic error page having them contact an
administrator
GET https://student.speaking-partner.com/account/sso?c={c}&d={d}&u={u}&e={e}&r={r}&s={s}
Parameters
|
Name
|
Required?
|
Value
|
|
c
|
Yes
|
Customer ID provided by Speaking Partners (integer)
|
|
d
|
Yes
|
The student's domain (text)
|
|
u
|
Yes
|
The student's username (text)
|
|
e
|
Yes
|
The unix timestamp of when the link expires (double)
|
|
r
|
No
|
The URL to redirect the student to after login (url-encoded text)
|
|
s
|
Yes
|
MD5 hash of all parameters plus the API key (c + d + u + e + r + APIKey)
|
Example Request
GET: https://student.speaking-partner.com/account/sso?c=123&d=speakingpartners&u=john&e=1336114800&s=158b030cbb3c793eee6f2412806853d8