0

I'm using Centrify as my IdP with SAML SSO wordpress plugin to authenticate users on my intranet. This works fine.

However, I would now like to make an POST api call from the intranet back to Centrify to pull some data to display on my wordpress site.

Is it possible to configure Centrify so that it passes something like a .ASPAUTH cookie to the wordpress site so that I can it to make api calls?

PatrickC
  • 101
  • 7

1 Answers1

0

If Wordpress is passing the user to Centrify to login (SAML), when the user comes back to Wordpress the .ASPXAUTH token is already set as a cookie in the browser. You cant access it in code, but if you make browser (CORS) calls to Centrify API's, the browser will automatically pass the cookie to Centrify with out you needing to manage it or pass it manually. These calls would need to be made in the browser (javascript), not from the server (php).

You will need to go into your Centrify admin portal, navigate to settings > Authentication > Security Settings > Specify trusted DNS domains for API calls and add the domain of the site that will be calling the Centrify API's. This is to trust the domain for CORS.

An easy test is to add a small amount of code to the browser code that does a simple post to https://tenant.my.centrify.com/security/whoami. No JSON needs to be passed to this call. This will simply respond telling you if we see the user as authenticated.

Please let me know if you have any other questions and do not hesitate to reach out to devsupport@centrify.com.

Thank you,

Nick Gamb

Sr. Manager, Developer Relations and Product Management

Centrify Corporation

Nick Gamb
  • 86
  • 6
  • Hi Nick, I somewhat was able to pull data from the api. But here is my main concern. When I log onto my intranet via the SSO, I will need to enter my username and password again in order to call the centrify api. Is there any way to map my password or some kind of token over from centrify to the intranet site? – PatrickC Mar 22 '18 at 13:46