Inbound SSO
Inbound SSO allows a company that has its own internal authentication system to validate a user and then seamlessly allow the user to log in to Oracle CRM On Demand.
The company must be set up to use SSO for Oracle CRM On Demand:
The company and optionally the user must be configured for SSO.
External Identifier for SSO must be specified.
ITS URL for SSO must be specified.
If your company has been set up to use SSO for Oracle CRM On Demand, the following steps are used to initiate a Web service request to Oracle CRM On Demand using SSO:
The Web service client makes a request with the following command specifying the SSO Company Identifier.
https://secure-ausomx[POD].crmondemand.com/Services/ Integration?command=ssoitsurl&ssoid=<SSO_Company_Identifier>
The server returns the SSO ITS URL in the "X-SsoItsUrl" HTTP header of the response.
The Web service makes a request with the ITS URL.
The identity provider might respond to requests with a prompt for authentication credentials, for example, username and password. The client application must be able to recognize this request and respond appropriately.
Any client using Inbound SSO must be able to perform the following actions:
Follow redirects
Accept cookies
Customers are responsible for ensuring that their client applications are compatible with their chosen identity provider.
For code samples for single sign-on see: https://codesamples.samplecode.oracle.com/servlets/Scarab/action/ExecuteQuery?query=crm_on_demand