We need to apply Single Sign-on on HubSpot. Can you light us on what would be the possible solution to implement Single Sign-On? We tried with creating a custom side panel and sending a single sign-in request to our web application but it doesn't work as third-party cookies issue.
Please suggest, what would be the best way to implement Single Sign-on with our web application.
Thanks for quick reply. Let me explain the complete workflow we are trying to implement to do SSO for HubSpot users into our application.
We have created an app in HubSpot and Once user provides access to our app they are redirected back to our application. We then validate the access tokens from Hubspot and if the same user(with the same email) exists in our application we auto log them in. Please let me know if you see any possible security-related issues in this workflow.
We are trying to auto login the users who uses both Hubspot and our application in a secure way. So when a user login into Hubspot and grant access to our application we build in hubspot we want users to be auto logged into our application. Think of it as a Facebook or Google login in any third party application, only for users with same email address in hubspot and our application. Let me know if it makes sense?
The user installs and authorizes the application we created for Hubspot.
After installation user is redirected to call back URL of our application.
Our application verifies if the authorization token is valid from HubSpot. If token is valid and the same User exists in our database we will Login the user to our application.
As per my understanding this is a secure way of doing the Auto login into our application, Since the Token we get from hubspot is only valid for one time use and we only allow users who already exists in our application to login.
I will appreciate If you could confirm that this method is secure. Let me know if you have any questions.
@Subhash This sounds like you are referring to Single Sign on for your app and not HubSpot. Whether this is secure will be up to you and your team for your app and not up to HubSpot.
do you know if/when SSO will be available to log users in without credentials? it would seem that with the vast features of the HS api this wouldn't be too difficult to implement.