Accredible offers free single sign-on solutions for recipients and issuers via our API.
How it Works
An endpoint can be created to generate an SSO link that will let the recipient access their credential, which will expire after one use.
What to Consider
There will be security limitations to what your recipients can access when signing in via API SSO
When accessing their credential via API SSO recipients will not have total access to their credential wallet settings, most notably they will not have access to:
Set a Password
User profile settings
Linked Email settings
Wallet privacy and visibility settings
‘Add credential to Digital Wallet’ option
The reason these settings are locked off is that Accredible cannot be 100% sure that the person arriving at the credential via API SSO is the owner of the credential. Any of the client environment admins would have access to the API SSO link on their recipients' profiles, and therefore be able to access the recipient's credentials. In order to prevent any potential bad actors' from the issue's side from having a back-door to a recipient's credential wallet account settings, the Accredible system generates a version of the credential view that doesn't have access to these settings. The same is true for the 'Recipient Sign-In Link' option that can be found on the edit credential page within the Accredible account.
These limitations are in place to protect credential holders and their information.
Setting up SSO via the API takes a bit of technical know-how
API SSO is free to set up, however, it will require API knowledge from your side. If you are familiar with using APIs and encounter any problems with setting up API SSO you can contact our support team and we can provide written guidance to help you get up and running.
SSO SAML is only available for customers with a Premium Plan. For more information, check out Pricing Plans!
How to Set it Up
For directions on how to create your SSO link endpoint, here is our API documentation: Accredible Credential API - SSO
Has this article helped you? Let us know!
If you would like to tell us about any improvements you feel could be made to this page, you can email us at firstname.lastname@example.org.