Last updated 2020-06-02 19:05:25 UTC

The authentication/sso operation uses the token obtained via the authentication/apiUserAuthentication method to obtain a single sign-on (SSO) token that can be added as a query parameter to bypass the login process to AssureSign.


The authentication/sso request requires a session token be passed in the Authorization header.

Obtain a session token by authenticating in the context of an API user at the /authentication/apiUserAuthentication endpoint.  Set the Authorization header to the token returned from a successful authentication in the form:

Authorization:bearer tokenvaluewillbelongandpresenthere

The authentication/credentials operation has been deprecated.  New integations should use /authentication/apiUserAuthentication.

Legacy tokens provided from authentication/credentials are set in the Authorization header to X-AS-UserSessionToken plus the sessionToken. For example: Authorization: X-AS-UserSessionToken QWxhZGRpbjpvcGVuIHNlc2FtZQ==

A request body is not required for this operation

Sample Request:

Adjust the Host to match the location of your AssureSign account

POST /api/documentnow/v3.5/authentication/sso
Content-Type: application/json
Accept: application/json
Authorization: bearer tokenvaluewillbelongandpresenthere


If the request is successful, the operation will return a simple result that will include an ssoToken property. 

Sample Response:

    "result": {
        "ssoToken": "eyJ2YWxpZFVudGlsIjoxNDY3ODMyNjUzMDcyLjY0NTMsInNzb1Rva2VuSWQiOiI5ZGUwNDFlMi01ZmQ0LTRlYWUtYjAzZC1hNTNiMDEzZGNiMmIiLCJzaWduYXR1cmUiOiJ2Q1RfU0FTWDlUaDNJYVZiQlA2Y2ZscW4tLXl4VmFZMnlOamx6YzlBUmM4In0="

A FORBIDDEN errorCode will be returned in the case that an invalid or expired token has been sent.

Using the ssoToken

This ssoToken can be added as a query parameter when accessing the Simple Setup page by adding it to the page URL in the form:

The ssoToken expires after 30 seconds, so the call to retrieve the token should be performed when the redirection will take place.