RESTFul SSO Tutorial?

Question

How possible is it to implement SSO from Swagger UI ?
I only need to implement these two endpoints:

/api/v1/app/user/data
/api/v1/session/login

I've implemented this in two different NoCode/LowCode environments, however, I suspect that Quickbase is different and while I am certified in Quickbase I have not done that much in Quickbase.
Are there any guides or tutorials which you can point me to on how I can implement custom SSO in Quickbase?

------------------------------Pete Letkeman------------------------------

joelhickok · Answer

It seems you may be confusing another company's product API with Quickbase. The link you provided is for another API for a different platform.

If you are using the newer Quickbase JSON API, the endpoint I have tested is the temporary token endpoint.

You can read more about this here:
https://developer.quickbase.com/operation/getTempTokenDBID

------------------------------
Joel Hickok
------------------------------

peteletkeman · Answer

Please let me rephrase.
I want to allow people who are authenticated via a third-party KeyStone account using Single Sign On (SSO) access to the Quickbase application. Maybe this is SAML?
Any tutorials/guides on how this can be done?------------------------------Pete Letkeman------------------------------

joelhickok · Answer

This is not a common flow, and not that easy to implement.

You would need middleware that sat in-between your previously authenticated user-base and Quickbase. For example, you could have a custom app that was assigned a Quickbase user token, and that app would access Quickbase using that token once it confirmed that the user was indeed authenticated using KeyStone. Or, similarly, you could have a proxy app that proxied requests to Quickbase if they were confirmed to be authenticated using your other platform.

Quickbase is not really designed to make this kind of thing easy at all. Unless you broker it all yourself using adequate middleware. You may have to spend some more time investigating how authentication and Quickbase are setup to make this work, and I am guessing you will have to write some custom code.

------------------------------
Joel Hickok
------------------------------

peteletkeman · Answer

That is somewhat disappointing, but thanks nonetheless.------------------------------Pete Letkeman------------------------------

joelhickok · Answer

If your external platform has the capability of adding the Quickbase user token on its own, to every single Quickbase request, then you may be able to simulate  this access by adding a pre-generated token on that side.&nbsp; But I suspect that platform may not have that functionality.

Forum Discussion

RESTFul SSO Tutorial?