Single Sign On (SSO) is an API that allows you to send members once authenticated in your website, to your Webinato login page or directly inside your webinar room. By passing their identification and other security parameters attendees will access your website and then access your webinar with no need to enter another password.
Note: You will need to have a skilled web programmer who has a strong knowledge of programming languages such as PHP in order to implement these APIs. Or you may ask the Webinato OPTiMA team to help you.
API Examples
Below is example code to execute this particular API in PHP, ASP and Java. There are three pieces of required information necessary to input when customizing the API for your organization: companyID, companyPassword, roomID. This information is provided to you by your Account Manager.
PHP Example Code
Required Information:
(str) companyID
(str) companyPass
(int) roomID
(str) companyUsername
(str) firstName
(str) lastName
(int) role
(str) version
(int) timestamp
Sample Code:
<?PHP
/*** Contact your account manager to get these credentials ***/
$companyID = 001;
$companyPass = 'password';
$roomID = 001;
// *** Construct Company Username
/*** The companyUsername is a field that allows Webinato to differentiate users you pass to
its servers. It MUST be a unique id (text or number) for each individual user.
Leaving companyUsername empty or null results in a security risk and may produce login
inconsistencies.
For SSO to work with the mobile app, this variable must not be null.
The companyUserName can be whatever you feel is appropriate. You would usually use the email
address you already have in your database or another unique identifier you have for the user
in your own database. If using the email address, the '@' must be replaced by '_'. It must
not contain any spaces or special characters. You must do one of the following and comment
the other one!
***/
// Example 1 : with Email address
$companyUsername = str_replace("@", "_", "joe@smith.com");
// Example 2: with username
$companyUsername = "joemartin";
// *** Other User Information
// This info usually comes from your database
$firstName = 'joe';
$lastName = 'martin';
// email is optional
$email = 'joe@martin.com';
// phone number is optional
$phone = '252-252-2522';
// companyCustomData is optional -- The custom data is available in the CSV version of
// room reports for a particular meeting
$companyCustomData = 'some custom data about user';
// 0 for attendees, 2 for presenter, 3 for moderator -- cannot be 1
$role = 0;
For Attendees: Set it to 0
For moderators/presenters:
- Set it to 0 if the person does not have an account at Webinato (most usually)
- Set it to the userNo in the Webinato system if they have one.
Ask Webinato Representative for more info in this case. ***/
$userNo = 0;
/*** Construct Time Stamp in GMT with n min Expiration
duration in number of minutes between the time you generate the link and the time they can actually access
the room. This is a very important parameter! If it is too large, they may bookmark the login page and
access the room without going through your site. If it is too little, they might not have enough time to
access the room. We suggest you set it between 5 and 30 minutes Please also note that your server time
(even in GMT) might differ from the Webinato server time by a few minutes. ***/
$link_duration = 10;
/*** You do not need to change any value below. However if your server time is NOT in GMT, you must
convert the time into GMT ***/
$timestamp = time() + (60 * $link_duration);
/*** Direct or Indirect Room Access
You may send the user to the Webinato login page, in which case he/she will not be asked for any passwords
but would still need to click a button to actually access the room. You may also send them directly into
the webinar. We recommend you send to the login page for the following reasons:
- The Webinato login page performs some tests to evaluate if they have the prerequisite conditions such as
the right Flash Player
- The Webinato login page allows them to open the room in a larger browser window without the top menu that takes unneeded real estate
- The Webinato login page lets the user choose a different language than English
Note you may be able to offer these
options in your own site as well (See below).
Set this to 1 for direct access or to 0 for access to the Webinato login page ***/
$directAccess = 1;
/***
The language field ONLY matters if you have $directAccess set to 1. Otherwise the user may choose it in
the Webinato login page.
Set it to nothing ('') if you do not wish to set to any lanagues. The default is english
Options are EN, ES, FR, DE, RU, HE ... ***/
$language = 'EN';
/*** The $openInSeparateWindow ONLY matters if you set $directAccess to 1;
You may want to open the room in a separate browser window when they click the link or button to join
the room. The advantage of opening the room in a separate window is the room will have a more space since
the top toolbars and other options in the browser window are removed. ***/
$openInSeparateWindow = 1;
// ----------------------------------------------------------------------------------------------
// YOU DO NOT NEED TO MAKE ANY CHANGES IN THIS BLOCK
// ----------------------------------------------------------------------------------------------
$version = '1.3';
$base_webinato_link = "https://www.webinato.com/pages/sc2/room_login.php?";
$inquiry = '';
if ($directAccess == 1)
{
$inquiry = '&inquiry=login';
if ($language != '')
$inquiry .= "&language=$language";
}
$extra = "";
$extra .= ($phone ? "&phone=$phone" : "");
$extra .= ($companyCustomData ? "&companyCustomData=$companyCustomData" : "");
//*** Create a md5 hash - IT MUST BE IN THIS ORDER
//*** Construct the link
if ($userNo == 0)
{
$extra .= ($email ? "&email=$email" : "");
$md5 = md5($companyID.$companyPass.$roomID.$firstName.$lastName.$role.$version.$companyUsername.$timestamp);
$room_link = "companyID=$companyID&role=$role&loginType=2&roomID=$roomID$inquiry"
. "&firstName=" . rawurlencode($firstName) . "&lastName=" . rawurlencode($lastName)
. "&companyUsername=$companyUsername&_ts=$timestamp&_t=$md5&_v=$version$extra";
}
else
{
$md5 = md5($companyID.$companyPass.$roomID.$userNo.$role.$version.$companyUsername.$timestamp);
$room_link = "companyID=$companyID&role=$role&loginType=2&roomID=$roomID$inquiry"
. "&userNo=$userNo&companyUsername=$companyUsername&_ts=$timestamp&_t=$md5&_v=$version$extra";
}
/*** Construct the full link ***/
$room_link = $base_webinato_link . $room_link;
/*** Display Link
You can now use $room_link anywhere in your PHP script / HTML as the URL
to one of your rooms. If you have multiple rooms, you will need to
loop through the $room_link, $enc_room_link generation code for each $roomID you have ***/
if ($openInSeparateWindow == 1)
{
echo "<script>var isIE = (navigator.appVersion.indexOf('MSIE') != -1) ? true : false;
var scrollbars = (isIE ? 'no' : 'yes');";
echo "function openRoom(){ window.open('".$room_link."', 'w" . $roomID . "', 'height=700, width=850,
toolbar=no, menubar=no, scrollbars=' + scrollbars + ', location=no, directories=no, status=yes,
resizable=1');}</script>";
}
// ... you can add your own code here and then add a link or button:
if ($openInSeparateWindow == 1)
echo "<a href='javascript:void(0)' onClick='openRoom()'>Access the room Here</a>";
else
echo "<a href=\"$room_link\"> Access the room Here</a>";
?>
ASP Example Code
Required Information:
Contact your Account Manager for this information.
(str) companyID
(str) companyPassword
(int) roomID
Sample Code:
<%@ Page Language="C#" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Collections" %>
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Web" %>
<%@ Import Namespace="System.Web.Security" %>
<%@ Import Namespace="System.Web.UI" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
public string GetPHPMd5Sum(string inputString)
{
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
UTF8Encoding encoder = new UTF8Encoding();
Byte[] result;
result = encoder.GetBytes(inputString);
result = md5.ComputeHash(result);
string _output = string.Empty;
foreach (byte b in result)
{
_output += String.Format("{0:x2}", b);
}
return _output;
}
protected void Page_Load(object sender, EventArgs e)
{
/*** Contact your account manager to get these parameters. ***/
string _companyID = "0";
string _companyPass = "password";
string _roomID = "0";
/*** Construct Company Username ***/
/*** The companyUsername is a field that allows Webinato to differentiate users you pass to its servers.
It MUST be a unique id (text or number) for each individual user. You would usually use the email address
you already have in your database or another unique identifier you have for the user in your own database.
If using the email address, the '@' must be replaced by '_'. It must not contain any spaces or special
characters. You must do one of the following and comment the other one! ***/
string _companyUsername = string.Empty;
// Example 1 : with Email address
_companyUsername = GetLogin(HttpContext.Current.Request.ServerVariables["LOGON_USER"]);
//build email
_companyUsername += "_company.com";
// Example 2: with username
_companyUsername = "joemartin";
// *** Other User Information
// This info usually comes from your database
string _firstName = "joe";
string _lastName = "martin";
//email is optional
string _email = "joe@martin.com";
//phone number is optional
string _phone = "252-252-2522";
//companyCustomData is optional -- The custom data is available in the CSV version of
//room reports for a particular meeting
string _companyCustomData = "some custom data about user";
// 0 for attendees, 2 for presenter, 3 for moderator -- cannot be 1
int _role = 0;
/* - Set it to 0 if the person does not have an account at Webinato
- Set it to the userNo in the Webinato system if they have one.
Ask your Webinato Representative for more info in this case. ***/
int _userNo = 0;
/*** Construct Time Stamp in GMT with 10 min Expiration ***/
// This is a very important parameter! If it is too large, they may bookmark the login page and
// access the room without going through your site
// If it is too little, they might not have enough time to access the room. We suggest you between
// 5 and 30 minutes
// Please also note that your server time (even in GMT) might differ from the Webinato server time by a
// few minutes.
int _link_duration = 10;// duration in number of minutes between the time they leave your site
// and the time they can actually access the room
TimeSpan _ts = (DateTime.UtcNow.AddMinutes(_link_duration) - new DateTime(1970, 1, 1, 0, 0, 0));
ulong _unixTime = Convert.ToUInt64(Math.Round(_ts.TotalSeconds, 0));
/*** Direct or Indirect Room Access
You may send the user to the Webinato login page, in which case he/she will not be asked for any passwords
but would still need to click a button to actually access the room. You may also send them directly into
the room. We recommend you send to the login page for the following reasons:
- The Webinato login page performs some tests to evaluate if they have the prerequisite conditions such as
the right Flash Player
- The Webinato login page allows them to open the room in 2 window mode / choose language ...
Note you may be able to offer these
options in your own site as well (See below).
Set this to 1 for direct access or to 0 for access to the Webinato login page ***/
int _directAccess = 0;
/***
The language field ONLY matters if you have $directAccess set to 1. Otherwise the user may choose it in
the Webinato login page.
Set it to nothing ('') if you do not wish to set to any languages. The default is english
Options are EN, ES, FR, DE, RU, HE ... ***/
string _language = "EN";
/*** The _openInSeparateWindow ONLY matters if you set _directAccess to 1;
You may want to open the room in a separate browser window when they click the link or button to join
the room. The advantage of opening the room in a separate window is the room will have a more space since
the top toolbars and other options in the browser window are removed. ***/
int _openInSeparateWindow = 0;
/*****************************************************
YOU DO NOT MAKE ANY CHANGES ANY CHANGES IN THIS BLOCK
*****************************************************/
string _version = "1.3";
string _base_webinato_link = (@"https://www.webinato.com/pages/sc2/roomlogin?");
string _room_link = string.Empty;
string _inquiry = string.Empty;
if (_directAccess == 1)
{
_inquiry = "&inquiry=login";
if (_language != "")
_inquiry += "&language=" + _language;
}
string _extra = string.Empty;
_extra += (_phone != "" ? "&phone=" + _phone : "");
_extra += (_companyCustomData != "" ? "&companyCustomData=" + _companyCustomData : "");
/*** Create a md5 hash - IT MUST BE IN THIS ORDER***/
//*** Construct the link
string _md5 = string.Empty;
if (_userNo == 0)
{
_extra += (_email != "" ? "&email=" + _email : "");
_md5 = GetPHPMd5Sum(_companyID + _companyPass + _roomID + _firstName + _lastName +
_role.ToString() + _version + _companyUsername + _unixTime.ToString());
_room_link = "companyID=" + _companyID + "&role=" + _role.ToString() +
"&loginType=2&roomID=" + _roomID + _inquiry +
"&firstName=" + Server.UrlEncode(_firstName) + "&lastName=" +
Server.UrlEncode(_lastName) + "&companyUsername=" + _companyUsername +
"&_ts=" + _unixTime.ToString() + "&_t=" + _md5 + "&_v=" + _version + _extra;
}
else
{
_md5 = GetPHPMd5Sum(_companyID + _companyPass + _roomID + _userNo.ToString() +
_role.ToString() + _version + _companyUsername + _unixTime.ToString());
_room_link = "companyID=" + _companyID + "&role=" + _role.ToString() +
"&loginType=2&roomID=" + _roomID + _inquiry +
"&userNo=" + _userNo.ToString() + "&companyUsername=" + _companyUsername +
"&_ts=" + _unixTime.ToString() + "&_t=" + _md5 + "&_v=" + _version +_extra;
}
/*** Construct the full link ***/
_room_link = _base_webinato_link + _room_link;
string _linkTest = "Access the room Here";
if (_openInSeparateWindow == 1)
{
lnkSiteLink.HRef = _room_link;
lnkSiteLink.Target = "_blank";
lnkSiteLink.Title = _linkTest;
lnkSiteLink.InnerText = _linkTest;
}
else
{
lnkSiteLink.HRef = _room_link;
lnkSiteLink.Title = _linkTest;
lnkSiteLink.InnerText = _linkTest;
}
}
public string GetDomain(string s)
{
int idx = s.IndexOf("\\");
return (idx > -1) ? s.Substring(0, idx + 1) : null;
}
public string GetLogin(string s)
{
int idx = s.IndexOf("\\");
return (idx > -1) ? s.Substring(idx + 1, s.Length - idx - 1) : null;
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
<title>Untitled Page</title>
</head>
<body>
<form id="form1" runat="server">
<div style="text-align:center"><br /><p><span style="font-size:14pt;">Welcome to the Webinar
Presentation launch page.</span><br /><br />
Please click on the link below to view the presentation.</p><br /><p>
<a id="lnkSiteLink" runat="server"
style="height:28px; width:161px; background:#f0f0f0; color: navy;
border: 1px outset navy;margin:4px;padding: 6px 5px 0px 5px;text-decoration: none;display: block;"></a>
<br />
</p>
</div>
</form>
</body>
</html>
JAVA Example Code
Required Information:
This information is provided by your Webinato Account Manager.
(str) companyID
(str) companyPassword
(int) roomID
Sample Code:
package com.investools.web.common;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.util.Calendar;
import java.util.TimeZone;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
public class WebinatoRedirectExample extends Action{
@Override
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response)
throws Exception {
/*** try{ you should do this in a try catch and redirect to friendly error
page for fails.***/
String baseWebinatoLink = "https://www.webinato.com/pages/sc2/roomlogin?";
int roomId = -1; //Contact your Account Manager for this info.
String version = "1.3";
int companyId = -1; //Contact your Account Manager for this info.
String companyPass = "123456"; //Contact your Account Manager for this info.
String username = "JoeSmith"; // user's unique username.
String fname = "Joe"; // user's first name usually comes from database.
String lname = "Smith"; // user's last name usually comes from database.
String email = "JoeSmith@gmail.com"; //optional
String customData = "someCustomData"; //optional custom data
String phone = "123-456-7890"; //optional
/** The language field ONLY matters if you have directAccess = true. Otherwise the user may choose it in
the Webinato login page.
Set it to nothing ('') if you do not wish to set to any lanagues.
The default is english
Options are EN, ES, FR, DE, RU, HE ... ***/
String language = 'EN';
int role =0; // 0 for attendee 2 for presenter 3 for moderator cannot be 1
/*** int presenter = 0; 0 for attendees. 1 for presenter or moderator.
THIS VARIABLE IS DEPRICATED DO NOT USE ***/
int userNo = 0; // ** MUST be 0 for guest attendees.
/** For moderators, presenters or regular attendees CAN be 0 if the person
does not have an account at Webinato OR it should be the userNo in the
Webinato system if they have one **/
// If directAccess is false it first takes the users to an Webinato login
// page which would test their
// Flash install and provide other info
// THIS IS RECOMMENDED
// If directAccess is true, they would access the room directly . Not Recommended.
boolean directAccess = false;
String inquirey = (directAccess ? "&inquiry=login" : "");
// ONLY if you set directAccess = true; you might want to open the room in a separate window. The
// advantage is the room will have a bigger interface as you can remove the navigation buttons
// and other menus on top of a newly opened browser. You cannot do so on an already open browser.
int seperateWindow = 0;
Calendar c = Calendar.getInstance(TimeZone.getTimeZone("GMT")); // Onmovia uses GMT.
long timestamp = c.getTimeInMillis() / 1000; // get the current GMT time and convert to Unix timestamp.
timestamp = timestamp + 60; // since we are doing a redirect delay can be approx as short as a page load.
// see getMD5 method for details.
String md5;
if (userNo == 0)
md5 = getMD5(companyId+companyPass+roomId+fname+lname+role+version+username+timestamp);
else
md5 = getMD5(companyId+companyPass+roomId+userNo+role+version+username+timestamp);
// create the url to redirect for.
String roomLink;
if (userNo == 0)
roomLink = "companyID="+companyId+"&role="+role+"&loginType=2&roomID="
+roomId+inquirey+"&firstName="+ URLEncoder.encode(fname, "UTF-8")
+"&lastName="+ URLEncoder.encode(lname, "UTF-8")+"&companyUsername="
+username+"&_ts="+timestamp+"&_t="+md5+"&_v="+version+"&phone="+phone+
"&customData="+customData;
else
roomLink = "companyID="+companyId+"&role="+role+"&loginType=2&roomID="
+roomId+inquirey+"&userNo="+ userNo + "&companyUsername="+username+
"&_ts="+timestamp+"&_t="+md5+"&_v="+version+"&phone="+phone
+"&customData="+customData;
roomLink = baseWebinatoLink+ roomLink;
// send the user on the way.
response.sendRedirect(roomLink);
// not using action mappings as this is a redirect.
return null;
//}catch(Exception e){
// you should have an error mapping to throw here if something fails.
//}
}
/**
* return hex hash code for provided string value.
* @param data string value to hash.
* @return hex hash code.
*/
private String getMD5(String data){
StringBuffer sb = new StringBuffer();
try {
MessageDigest messageDigest = MessageDigest.getInstance("MD5");
messageDigest.update(data.getBytes());
byte[] digestBytes = messageDigest.digest();
/* convert to hexstring */
String hex = null;
for (int i = 0; i < digestBytes.length; i++) {
hex = Integer.toHexString(0xFF & digestBytes[i]);
if (hex.length() < 2) {
sb.append("0");
sb.append(hex);
}
else
sb.append(hex);
}
}
catch (Exception ex) {
System.out.println(ex.getMessage());
}
return sb.toString();
}
}