Megan E. Shankle

Vice President, Client Relationships
Office: 301-519-3776 x 118
Cell: 240-439-9336
mshankle@isgsolutions.com

ISG’s Enhanced SSO Guide

Overview 

ISG’s Enhanced SSO for iMIS offers a Single Sign-On (SSO) process that removes the need for vendors to learn how to use the iMIS REST API. It passes a one-time use token to the vendor’s site at sign in and provides a service that returns the SSO data directly in exchange for that token. This reduces the effort involved for the vendor.

When the user starts on the vendor’s site, is redirected to the iMIS sign in page and submits their credentials, the ISG Enhanced SSO passes a one-time use token, which is linked to the user, directly to the vendor’s website via POST. The vendor’s website then calls the ISG Enhanced SSO User service via GET, passing the token, to get the user’s data. If the vendor’s website ever loses its session, it can redirect to ISG’s Enhanced SSO and, if the user is still signed in to iMIS, a new one-time use token will be returned without the user signing in again.

ISG’s Enhanced SSO service also allows the vendor to pass a ReturnURL query string, and the SSO process will return the user to that page within the Service Provider’s domain.

Value Add 

  • Vendor does not need to learn the iMIS REST API, which reduces vendor integration effort.
  • Accepts a ReturnURL via query string so the user can go to a specific page within the Service Provider’s domain.

Workflows 

  • Identity Provider (IdP): iMIS site 
  • Service Provider (SP): Client site or Vendor Site 

Sign-In Workflow 

| User Workflow | Service Provider Workflow |
| Anonymous user starts on Service Provider site and clicks link requiring authentication | SP redirects to IdP (optionally passing ReturnURL for SP domain) |
| Anonymous user lands on iMIS sign in page and enters iMIS credentials | User is signed into IdP |
| User lands on Service Provider site & is signed into both iMIS and Service Provider site | IdP SSO process passes a one-time use token to SP via POST method; SP makes a call to the IdP service to get the user’s data; SP receives user data and maintains session |

*If SP redirects to IdP and IdP already has a session, the user is redirected back to the SP without needing to sign in again. 

Sign-Out Workflow 

| User Workflow | Service Provider Workflow |
| Signed in user clicks sign out | SP redirects to IdP (optionally passing ReturnURL for SP); SSO process signs user out of IdP and redirects to SP |
| User lands on Service Provider site and is signed out of both IdP and SP | SP will clear user’s session |

Default Session Fields returned to SP: iMIS ID, First Name, Last Name, Email and Member Type 

Requirements 

  • iMIS EMS Version or iMIS 2017. 
  • ReturnURL must be in same Service Provider primary domain.
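
The ReturnURL requirement above, as an added example (not ISG’s code; the page does not say how the service enforces the rule): a check that could run before any redirect to a ReturnURL. The names SP_PRIMARY_DOMAIN and is_allowed_return_url, the placeholder domain, and the https-only and printable-ASCII rules are assumptions.

```python
from urllib.parse import urlsplit

# Assumption: the Service Provider's primary domain (constructed placeholder).
SP_PRIMARY_DOMAIN = "vendor.example"


def is_allowed_return_url(return_url: str,
                          primary_domain: str = SP_PRIMARY_DOMAIN) -> bool:
    """True only for an absolute https URL on the primary domain or a subdomain."""
    if not return_url or len(return_url) > 2048:
        return False
    # Backslashes, whitespace, control and non-ASCII characters are normalised
    # differently by browsers and server-side parsers, so reject them outright.
    if "\\" in return_url or any(not 0x21 <= ord(c) <= 0x7E for c in return_url):
        return False
    try:
        parts = urlsplit(return_url)
        parts.port  # accessing .port raises ValueError on a malformed port
    except ValueError:
        return False
    # Relative and scheme-relative ("//host/path") values have no scheme and
    # are refused: the redirect target must name its host explicitly.
    if parts.scheme != "https":
        return False
    # "user@host" makes the visible prefix differ from the real host.
    if parts.username is not None or parts.password is not None:
        return False
    host = (parts.hostname or "").rstrip(".").lower()
    domain = primary_domain.lower()
    # Exact match, or a suffix match on a label boundary ("." + domain), so
    # "notvendor.example" and "vendor.example.other.test" do not pass.
    return host == domain or host.endswith("." + domain)
```

Comparing the parsed host on a label boundary, rather than testing whether the URL string starts with or contains the domain, is what keeps look-alike hosts from passing.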