Example Use

As mentioned earlier in this section, next4biz CSM SSO supports two functions. In the first, the External Application issues a login request to next4biz CSM; in the second, next4biz CSM issues a login request to the External Application on behalf of the current user.

External Application logs in to next4biz CSM

  • The External Application notifies next4biz CSM of its login request by issuing an HTTP GET request (Diagram Step II).
    • http://[virtualpath].next4biz.com/sso.aspx?response_type=token&bc_id=2&scope=customer_create_issue&client_id=ir3EkmW92C…&nonce=1&state=12345
  • next4biz CSM validates the login request by decrypting the supplied client_id using the pre-shared key and nonce.
  • If the supplied client_id is valid, next4biz CSM returns a success result (Diagram Step III).
  • Using the access_token acquired in Step III, a page redirection is made to the address below:
    • http://[virtualpath].next4biz.com/Login.aspx?access_token=fmac-a002b792-6814bbe07fcd405c844c86bccccd226c (Diagram Step IV).
  • The expiration duration for the access_token is specified inside the same JSON result that is returned in Step III. If the Step IV request is made within that time frame, next4biz CSM logs the user in, creating the user if it does not already exist (Diagram Step VI).
  • The user is redirected to the Issue Entry Page (Diagram Step VII).
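
The External Application side of Steps II to IV, as an added Python example (not next4biz code). The host `tenant.example`, the JSON field names `access_token`, `expires_in` (seconds) and `state`, the numeric nonce format, and the sample values are assumptions; the encrypted client_id is treated as an opaque input because the page does not show the encryption scheme.

```python
import json
import secrets
import time
from urllib.parse import urlencode

BASE_URL = "https://tenant.example"  # placeholder for http://[virtualpath].next4biz.com


def new_nonce_and_state():
    """Fresh, unpredictable per-request values (numeric nonce format is assumed)."""
    return str(secrets.randbits(63)), secrets.token_urlsafe(16)


def build_login_request(base_url, encrypted_client_id, nonce, state,
                        bc_id="2", scope="customer_create_issue"):
    """Step II URL. encrypted_client_id must already be encrypted with the
    pre-shared key and this same nonce (scheme not shown on the page)."""
    query = urlencode({
        "response_type": "token", "bc_id": bc_id, "scope": scope,
        "client_id": encrypted_client_id,  # '+', '/', '=' get percent-encoded
        "nonce": nonce, "state": state,
    })
    return f"{base_url}/sso.aspx?{query}"


def build_login_redirect(base_url, step3_json, expected_state, issued_at, now=None):
    """Check the Step III JSON and return the Step IV URL.
    Field names access_token/expires_in/state are assumptions."""
    result = json.loads(step3_json)
    returned_state = str(result.get("state", ""))
    if not secrets.compare_digest(returned_state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: response does not belong to this request")
    token = result.get("access_token")
    if not token:
        raise ValueError("no access_token in Step III result")
    now = time.time() if now is None else now
    if now - issued_at >= int(result["expires_in"]):
        raise ValueError("access_token expired before redirect")
    return f"{base_url}/Login.aspx?" + urlencode({"access_token": token})


if __name__ == "__main__":
    nonce, state = new_nonce_and_state()
    print(build_login_request(BASE_URL, "AbC+/dEf==", nonce, state))  # constructed client_id
    step3 = json.dumps({"access_token": "constructed-token-0001",
                        "expires_in": 60, "state": state})  # constructed response
    print(build_login_redirect(BASE_URL, step3, state, issued_at=time.time()))
```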

next4biz CSM requests login permissions from External Application

  • next4biz CSM encrypts the login-user information using the pre-shared key and nonce.
  • next4biz CSM makes an HTTP GET request, as below, to the SSO page provided by the company:
    • http://company.server/fsso.aspx?response_type=token&scope=customer_create_issue&client_id=ers3dfb2C…&nonce=1&state=12345 (Diagram Step V)
  • The External Application responds with the corresponding JSON results, as in the following document. (Diagram Step VI)
  • next4biz CSM continues the login process according to the result from the External Application. (Diagram Step VII)