Documentation menu

Docs

Single Sign-On

Mint short-lived sign-in tokens so your customers can jump from your systems into their security dashboard without a second login.

Mint short-lived sign-in tokens so your customers can jump from your systems into their security dashboard without a second login. SSO is a two-step flow: your server calls POST /api/v1/sso/token to obtain a token, then redirects the customer's browser to https://{your-portal-domain}/sso?token={token}. The portal validates the token and starts the customer's session.

Tokens are single-purpose and short-lived. Mint one per click-through, never cache or reuse them.

Generate an SSO token

POST/api/v1/sso/token
Auth: Bearer API keyRate limit: 60 requests / minute per API key

Mint a short-lived single-sign-on token for a customer. Redirect the customer's browser to https://{your-portal-domain}/sso?token={token} before it expires; the portal validates the token and signs the customer in.

Body parameters

NameTypeRequiredNotes
client_idintegerRequiredWHMCS client ID of the customer signing in.
emailemailRequiredThe customer's email address.
service_idintegerOptionalOptional WHMCS service ID to land the customer on a specific service.
Example request
curl -X POST 'https://portal.example.com/api/v1/sso/token' \
  -H 'Authorization: Bearer $AEGIS_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{
  "client_id": 1042,
  "email": "[email protected]",
  "service_id": 2251
}'
Response: 200
{
  "success": true,
  "data": {
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
    "expires_in": 300
  },
  "meta": {
    "version": "v1",
    "timestamp": "2026-07-12T09:30:00+00:00"
  }
}

Errors

CodeStatusMeaning
TENANT_NOT_FOUND401The API key did not resolve to an account.
TOKEN_GENERATION_FAILED500The token could not be generated. Try again.

Compiled from the AegisWhite platform (build 6bffe04, module v1.7.3, 2026-07-14).