Skip to main content

Hi! From my understanding, there are usually several ways to implement SSO, including:

-SAML
-OpenID Connect
-OAuth 2.0

SAML is often the easiest option as it's mostly configuration-based. However, Gainsight lacks multi-region support for SAML.

As a result, we had to pivot and implement a custom solution using OAuth, and we specifically need support for identity-provider initiated OAuth, not service provider initiated.

I am trying to figure out the redirection URL 

___

The flow right now is as follows -
1. User goes to our community url and clicks on login
2. The user is redirected to a page where they are prompted to choose the region.
3. Once the user chooses the region they are redirected to the respective login page. For example here, let's say US, the user is redirected to app.iterable.com
4. The user logs in here using the our company app credentials.
5. After the login is successful, the user needs to be redirected to Gainsight with an auth code - this is the redirect URL I am looking for.
6. After the redirection is done, Gainisght sends in a request to the token URL. Iterable received this request and redirects once again to Gainsight with the access token.
7. Gainsight uses this access token and requests user information from Iterable. Iterable receives the request and sends the user information. After this, Gainisght uses this information for authorization and the user is logged into the gainsight platform.

Hi @Deja 👋,

Can you please try the following redirect URL for OAuth:

https://sso-us-west-2.api.insided.com/auth/oauth2/return


Reply