# Single Sign-On {% hint style="info" %} Single Sign-on is currently being upgraded, additional features will continue to be implemented. {% endhint %} SSO Authentication, in collaboration with IndustryApps, allows users to access authorised only application resources by integrating IndustryApps login single sign-on into your application. The feature can be integrated as an addition to your externally hosted application's currently held single sign-on options. ## IndustryApps Single Sign-on (SSO) Once SSO is set up, third-party app users can sign into IndustryApps and access their resources without requiring an additional sign-in. SSO redirects to the IndustryApps login portal, requesting the users' credentials such as username and password, which gives users access to their authentication restricted resources. {% hint style="warning" %} Single Sign-on does not grant permissions for applications for Data Integration. To utilise [Masterdata](https://docs.industryapps.net/apis-or-data-integration/how-to-access-masterdata), [Transactional data](https://docs.industryapps.net/apis-or-data-integration/how-to-access-transactional-data) and [Submodel data](https://docs.industryapps.net/apis-or-data-integration/submodel-index) please see [Data Integration](https://docs.industryapps.net/apis-or-data-integration). {% endhint %} ### IndustryApps SSO Model ![SSO Model](https://3706867246-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F0tGo33otNRgIhFn6lpgU%2Fuploads%2Fwuki4XhlJqQben8ggeGD%2FSSO-PORTAL.png?alt=media\&token=9d219d08-cb0f-4f86-8233-43e94fc5af1c) ### SSO Example in your Third-party Application ![Sign-in Options](https://3706867246-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F0tGo33otNRgIhFn6lpgU%2Fuploads%2FjeeUK2tKGmJf6CAUN8pr%2Flogin-page-updated.png?alt=media\&token=ed841471-bd9d-40ff-96d7-2cbfdd433abf) ## Integrating SSO The upcoming examples illustrates how SSO can be integrated within your applications' code with IndustryApps SSO in the following technologies. Configure and Utilise Client-side Applications such as: * Angular * Vue Accept JWT with Server-side Applications such as: * Java Spring 5 * Python Django ### **Credentials** To utilize SSO the following credentials are required to be implemented in your application configuration: * **Issuer** For **Development** purposes please utilise the UAT environment URI available below: {% code overflow="wrap" %} ```url https://auth.uat.industryapps.net/auth/realms/IndustryApps ``` {% endcode %} For **Production**, please utilise the environment URI available below: ``` https://auth.industryapps.net/auth/realms/IndustryApps ``` * **ClientID** Each Application which utilises Single Sign-on will be provided a dedicated ClientID during onboarding which acknowledges access. * **Redirect URI** The application will require a redirect URI to navigate back after authentication has been completed. The structure of the URI should be implemented as seen below. ***Development:*** ``` https://democustomer.uat.industryapps.net// ``` ***Deployment:*** ``` https://democustomer.industryapps.net// ``` Deployment will contain the environment URI of the platform customer portal instead of the demo-customer portal. ### Optional **Client Secret** If your application is currently utilizing an identity and access management service provider which requires a client secret, use the client secret code available on your Platform Dashboard. **By default it is not required.**

Applications > My_APP > App Information

**Metadata URL** In cases such as an identity provider requiring a `.well-known/openid-configuration` URL please use the following credential: For **development** purposes please utilise the UAT environment URI available below: ``` https://auth.uat.industryapps.net/auth/realms/IndustryApps/.well-known/openid-configuration ``` For **deployment**, please utilise the environment URI available below: ``` https://auth.industryapps.net/auth/realms/IndustryApps/.well-known/openid-configuration ```