Handling SAML Flows

The last step of the integration is to hook your existing login flow with Frontegg SSO flow

The below will allow you:

  • To determine if for a specific user a redirect to IDP is required
  • To parse SAML response and to log in the user

On your backend, initializing the SSO client:

import { SsoClient } from '@frontegg/client'; 

const ssoClient = new SsoClient();
await ssoClient.init('YOUR_CLIENT_ID','YOUR_API_KEY');
from frontegg import FronteggClient
client = FronteggClient(client_id, api_key)

And expose 2 endpoints that will allow prelogin and SAML callback:

app.post('/login', async (req, res) => {
    try {
        // Payload can be user email or tenantId
        const redirectResponse = await ssoClient.prelogin(req.body.payload)
        res.redirect(redirectResponse)
    } catch (e) {
        console.error(e)
        res.send(e)
    }
})

app.post('/auth/saml/callback', async (req, res) => {
    try {
        const userResponse = await ssoClient.postlogin(res.body)
        // If authenticated -
    } catch (e) {
        console.error(e)
        res.send(e)
    }
})
@app.route('/login', methods=['POST'])
def login():
    payload = request.get_json()['payload']  # assuming payload {'payload': '[email protected]'}
    # payload can be user email or tenantId
    res = client.prelogin(payload)
    return redirect(res.headers['Location'])


@app.route('/auth/saml/callback', methods=['POST'])
def post():
    body = request.form.to_dict()
    res = client.postlogin(body)
    return res

Did this page help you?