Welcome to the Panopto Community


API user based app with SSO

I am trying to set up a user-based server app. The issue I am seeing is that we have SSO set up on our Panopto account, and I need to know how Panopto will be able to authenticate the user creds without the IdP.

Answers

  • Adis Hrnjica Whiz Kid

    Hi Bill,

    For the Panopto Public API on an SSO site, you don’t log in with your IdP username and password. Each request uses a user key plus either a Panopto password (internal users only) or an auth code (SSO/external users).

    For SSO users, the auth code is computed from their Panopto user key (Provider\username) and your Identity Provider’s Application Key in Panopto. Your integration must already know the user is valid so Panopto won’t contact the IdP on each API call.

    If users can sign in through a browser, OAuth (authorization code + refresh token) is usually simpler than building auth codes for every user.

    I hope this helps.

    Thanks,

    -Adis

  • Hi Adis, I am not sure where this auth code is located in Panopto. Nothing is provided when we create the API client, and I tried looking in the IdP settings. Any help would be appreciated.

  • Adis Hrnjica Whiz Kid

    Hi Bill,

    The auth code is not stored in Panopto and is not part of the API/OAuth client you create. The OAuth client only gives you the client ID and client secret for your application.

    For SSO users, the auth code is something your application calculates each time, using:

    1. Application Key - on the Identity Provider in Panopto admin (System → Identity Providers), open your SSO provider and look for Application Key (not on the OAuth client page). You may need to edit the provider to see it; some types can generate a new key with a button there.
    2. User key - the Panopto username format ProviderName\username (same provider name as in IdP settings).

    For the Public API, the auth code is a hash of:
    {userKey}@{your-panopto-host}|{applicationKey} (SHA-1, values lowercased).
    Panopto does not show this value in the UI—you build it in your code after you’ve already verified the user on your side.

    Thanks,

    Adis
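
The calculation described in the answer above, as an added example that is not part of the original thread and is not Panopto's own code. It reads "values lowercased" as lowercasing the whole payload and assumes UTF-8 input and an uppercase hex digest; the function names, host, provider name and key are constructed sample values.

```python
import hashlib


def build_payload(user_key: str, host: str, application_key: str) -> str:
    """Return the string to hash: {userKey}@{host}|{applicationKey}, lowercased."""
    # The user key must be ProviderName\username, with the provider name
    # matching the Identity Provider entry in Panopto admin.
    provider, sep, username = user_key.partition("\\")
    if not (provider and sep and username):
        raise ValueError("user key must look like ProviderName\\username")
    # Expect a bare hostname, not a URL (assumption: no scheme or path).
    if not host or "/" in host:
        raise ValueError("host must be a bare hostname, without scheme or path")
    if not application_key:
        raise ValueError("application key is empty")
    return f"{user_key}@{host}|{application_key}".lower()


def build_auth_code(user_key: str, host: str, application_key: str) -> str:
    """SHA-1 over the lowercased payload, hex encoded.

    Assumptions: UTF-8 encoding of the payload and uppercase hex output.
    """
    payload = build_payload(user_key, host, application_key)
    return hashlib.sha1(payload.encode("utf-8")).hexdigest().upper()


if __name__ == "__main__":
    # Constructed sample values. In a real integration the Application Key
    # comes from a secret store, never from source code, and this function
    # is called only after the application has verified the user itself.
    code = build_auth_code(
        "MySSO\\bill",
        "example.hosted.panopto.com",
        "constructed-sample-key",
    )
    print(len(code), "hex characters")
```

Anyone holding the Application Key can compute an auth code for any user of that provider, so keep the key and the computed codes out of logs and source control.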
