Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

how can i retrive CROWD sso token by username

anosi anosi
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 12, 2014

hello everybody,

Is there any function REST to retrive CROWD sso token by username.

i use REST API to creat the SSO token: POST /session

<?xml version="1.0" encoding="UTF-8"?>
<authentication-context>
  <username>my_username</username>
  <password>my_password</password>
  <validation-factors>
    <validation-factor>
      <name>remote_address</name>
      <value>127.0.0.1</value>
    </validation-factor>
  </validation-factors>
</authentication-context>

i want to authenticate a user in one application by validadting his login/password and creat the sso token -> after that in the other application i want to chek if the user is logged in by retriving the sso token

2 answers

1 accepted

1 vote
Answer accepted
Caspar Krieger
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 13, 2014

i want to authenticate a user in one application by validadting his login/password and creat the sso token -> after that in the other application i want to chek if the user is logged in by retriving the sso token

We don't support your intended method of operation directly. The way we expect third party applications to use Crowd is to use the session resource; you can POST to it to authenticate a user in the first application, which will get you a session token. Your application should set that session token as a cookie for the user.

Then, in the second application, your user will send over the token key in the cookie to it, and the second application should use the session/{token} resource to get the session associated with the token, which will contain the username of the user who created the session. Alternatively, the 2nd application could POST to the session resource again to again authenticate the user and create another session; it will get back the same token if the provided validation factors are the same.

(I'm a Crowd developer.)

TruongNN5
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 2, 2018

Hi Caspar Krieger,

My confluence use User Directory of Crowd, so Can i get Token when login into Confluence ? 

Thanks!

0 votes
anosi anosi
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 12, 2014

i found the answer so for any one who try ti athenticate to apps using Crowd. the easiest way is to retrive SSO toke from this cookie "crowd.token_key" of your domain / . after that check the session is open or not.

Caspar Krieger
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 18, 2014

Correct, however note that crowd.token_key can be configured to be named differently.

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events