Handling SAML Flows

The last step of the integration is to hook your existing login flow into the Frontegg SSO flow.

This will allow you to:

  • Determine whether a specific user must be redirected to the IdP
  • Parse the SAML response and log the user in

On your backend, initialize the SSO client:

Node.js:

import { SsoClient } from '@frontegg/client';

const ssoClient = new SsoClient();
await ssoClient.init('YOUR_CLIENT_ID', 'YOUR_API_KEY');

Python:

from frontegg import FronteggClient

# client_id and api_key hold your Frontegg client ID and API key
client = FronteggClient(client_id, api_key)

Then expose two endpoints, one for prelogin and one for the SAML callback:

Node.js:

// Assumes an existing Express `app` with body-parsing middleware enabled
app.post('/login', async (req, res) => {
    try {
        // Payload can be user email or tenantId
        const redirectResponse = await ssoClient.prelogin(req.body.payload)
        res.redirect(redirectResponse)
    } catch (e) {
        console.error(e)
        res.send(e)
    }
})

app.post('/auth/saml/callback', async (req, res) => {
    try {
        // The SAML response arrives in the request body
        const userResponse = await ssoClient.postlogin(req.body)
        // If authenticated -
    } catch (e) {
        console.error(e)
        res.send(e)
    }
})

Python:

from flask import redirect, request

# Assumes an existing Flask `app`
@app.route('/login', methods=['POST'])
def login():
    # assuming the request body is {'payload': '<user email>'}
    payload = request.get_json()['payload']
    # payload can be user email or tenantId
    res = client.prelogin(payload)
    return redirect(res.headers['Location'])


@app.route('/auth/saml/callback', methods=['POST'])
def post():
    # The SAML response arrives as form fields in the POST body
    body = request.form.to_dict()
    res = client.postlogin(body)
    return res
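
Input checks for the two endpoints above, as an added example that is not Frontegg's code: it bounds the prelogin payload, restricts the prelogin redirect to an allow-listed IdP host, and shape-checks the SAML callback body before it is passed to postlogin. The helper names, ALLOWED_IDP_HOSTS and the host idp.example.com are assumptions.

```javascript
// Added example, not Frontegg SDK code. Helper names, ALLOWED_IDP_HOSTS and
// idp.example.com are assumptions for illustration.
const ALLOWED_IDP_HOSTS = new Set(['idp.example.com']);
const MAX_SAML_RESPONSE_CHARS = 256 * 1024;

// Prelogin payload is a user email or tenantId: accept only a bounded string.
function validPreloginPayload(payload) {
  if (typeof payload !== 'string') return null; // rejects objects and arrays
  const value = payload.trim();
  if (value.length === 0 || value.length > 254) return null;
  return /[\s\x00-\x1f\x7f]/.test(value) ? null : value;
}

// Redirect only to an absolute https URL on an allow-listed IdP host.
function validIdpRedirect(target) {
  let url;
  try {
    url = new URL(target);
  } catch (e) {
    return null; // relative or malformed
  }
  if (url.protocol !== 'https:' || url.username || url.password) return null;
  return ALLOWED_IDP_HOSTS.has(url.hostname) ? url.toString() : null;
}

// The SAML HTTP-POST binding carries a base64 SAMLResponse form field.
function isSamlPostBody(body) {
  const value = body ? body.SAMLResponse : undefined;
  if (typeof value !== 'string') return false; // duplicate fields parse as arrays
  if (value.length === 0 || value.length > MAX_SAML_RESPONSE_CHARS) return false;
  const compact = value.replace(/\s+/g, '');
  return compact.length % 4 === 0 && /^[A-Za-z0-9+\/]+={0,2}$/.test(compact);
}

// Intended wiring in the handlers above:
//   const payload = validPreloginPayload(req.body.payload)  -> respond 400 if null
//   const target  = validIdpRedirect(redirectResponse)      -> respond 502 if null
//   if (!isSamlPostBody(req.body))                          -> respond 400, skip postlogin
```

These are shape checks that run before the SDK calls; they do not replace whatever validation postlogin performs on the SAML response.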