...

Code Block
POST https://synapse.sagebase.org/Portal/openid?OPEN_ID_PROVIDER=<OpenIDEndpoint>&RETURN_TO_URL=<RedirectURL>

Synapse also supports the GET method, as required by applications that redirect requests to this service.

Code Block
GET https://synapse.sagebase.org/Portal/openid?OPEN_ID_PROVIDER=<OpenIDEndpoint>&RETURN_TO_URL=<RedirectURL>

The successful response is a redirect to <RedirectURL>:<sessionToken> with an extra request parameter to hold the session token:

Code Block
HTTP/1.1 302 Moved Temporarily
...
Location: <RedirectURL>:<sessionToken>?sessionToken=<SessionToken>
...

As an example, to authenticate against Google's OpenID endpoint, the request is:

...

If successful, but if the user has not yet accepted the Synapse Terms of Use (ToU), then instead of a session token, the redirect URL contains the literal string "TermsOfUseAcceptanceRequired" the result is a Forbidden response:

Code Block
HTTP/1.1 302 Moved Temporarily
...
Location: <RedirectURL>:TermsOfUseAcceptanceRequired
... 403 Forbidden
{"reason":"You must accept the Synapse Terms of Use."}

In this case, authentication must be repeated with explicit ToU acceptance. The client should display the ToU and request the user's acceptance. The ToU are available at this URL:

...