How Do I Set Up Single Sign-On (SSO) for My Recipients?

Accredible offers free single sign-on solutions for recipients and issuers via our API.

How it Works

An endpoint can be created to generate an SSO link that will let the recipient access their credential, which will expire after one use.

What to Consider

There will be security limitations to what your recipients can access when signing in via API SSO

When accessing their credential via API SSO recipients will not have total access to their credential wallet settings, most notably they will not have access to:

  • Set a Password

  • User profile settings

  • Linked Email settings

  • Wallet privacy and visibility settings

  • ‘Add credential to Digital Wallet’ option

The reason these settings are locked off is that Accredible cannot be 100% sure that the person arriving at the credential via API SSO is the owner of the credential. Any of the client environment admins would have access to the API SSO link on their recipients' profiles, and therefore be able to access the recipient's credentials. In order to prevent any potential bad actors' from the issue's side from having a back-door to a recipient's credential wallet account settings, the Accredible system generates a version of the credential view that doesn't have access to these settings. The same is true for the 'Recipient Sign-In Link' option that can be found on the edit credential page within the Accredible account.

These limitations are in place to protect credential holders and their information.

Setting up SSO via the API takes a bit of technical know-how

API SSO is free to set up, however, it will require API knowledge from your side. If you are familiar with using APIs and encounter any problems with setting up API SSO you can contact our support team and we can provide written guidance to help you get up and running.

SSO SAML

SSO SAML is only available for customers with a Premium Plan. For more information, check out Pricing Plans!

How to Set it Up

For directions on how to create your SSO link endpoint, here is our API documentation: Accredible Credential API - SSO 

 

Has this article helped you? Let us know!

If you would like to tell us about any improvements you feel could be made to this page, you can email us at support@accredible.com.