Setting Up Single Sign-On (SSO) for Your Users

You can configure Single Sign-On (SSO) for your Wix Answers account. This enables your users to use the same login form and credentials that they use across your services and sites in order to access your Wix Answers site.
Tip:
If you get locked out of your account due to an SSO misconfiguration, you can use safe mode to regain access. 
Setting up SSO requires some coding on your part, as described below.

Integrating SSO With Wix Answers

Step 1: Set Up SSO Login and Logout URLs

Configure the page URLs to which you want your users to be redirected when they click to login and logout from your Wix Answers site. 
  1. In the Wix Answers app, go to Settings > Support Channels > Help Center.
  1. Click the Advanced tab at the top.  
  2. Scroll down to the Permissions and Login section and click Edit next to Login method is [method].
  3. Select Single Sign-On (SSO) and provide the following information: 
    • SSO Remote Sign-in URL: Enter the page URL that you want your users to be redirected to in order to log in.
    • SSO Remote Sign-out URL: Enter the page URL that you want your users to be redirected to when they logout.
  4. Click Save

Step 2: Create API and Secret Keys

  1. In the Wix Answers app, go to Settings > Tools > Webhooks & API Keys.
  1. Click the API Keys tab at the top. 
  2. Click + Add API Key.
  3. Enter the API key name
  4. Choose the level of access this API key provides:
    • Full access: Gives access to most parts of Wix Answers, excluding some settings and SSO. Users of this API key can access any endpoint permitted by their role. 
    • Limited access: Gives access to specific parts of Wix Answers. Users of this API key can access endpoints permitted by their role and by the API key. Choose the permission level for each part of the platform:
      • None: Access is not permitted. 
      • View: Read-only access is allowed. 
      • Edit: Read and write access is allowed.
    • SSO only: Allows generating an SSO token. All other parts of the platform will be inaccessible. 
Note:
For more information about API key access, see API Keys, Roles, and Permissions. For the list of what each permission group grants, including both View and Edit versions, see API Roles and Permissions.
  1. Click Save.
  2. Click to copy the API Secret Key and save it for future use.
  3. Click Saved It.
Note:
  • Your API Key appears in the Key ID column. 
  • Click the Show More icon  next to an API key to edit or delete it. 

Understanding the Wix Answers SSO Workflow

  1. Set up your SSO Login and Logout URLs (see Step 1 above) and create API and secret keys (see Step 2 above).
For example:
  • SSO remote sign in URL: https://imagerycloud.com/login 
  • SSO remote sign out URL: https://imagerycloud.com/logout
  1. Your user clicks to login to your Wix Answers site.
  2. The user is redirected to your log in page. Before redirecting the user to your log in page, Wix Answers appends a redirect URL parameter to the request. This is the Wix Answers callback URL that tells your system to where to redirect the user after the user has been authenticated.
For example:
Wix Answers redirects the user to: https://imagerycloud.com/login?redirectUrl=<answers-sso-callback-url>
  1. Your user logs in using the same credentials they use to login to your other services and sites.
  2. Your system determines if the user is authenticated.
  3. Once authenticated, your system generates a JSON structure containing the relevant user data. The JSON must include some fields, and may include other fields, as follows:
    • id (required): The user ID in your internal system
      Note: Within Wix Answers, this value is sometimes used and called the "external ID". For example, see Get an SSO User's Information by External ID.
    • email (required): The user's email 
    • timestamp (required): The current timestamp (UTC) in milliseconds (Unix time format)
    • firstName 
    • lastName 
    • displayName 
    • profileImage: The full URL to the user's profile image 
  4. Use the Wix Answers Secret key to encrypt the JSON structure and generate an encrypted SSO token.
  5. Append the encrypted SSO token parameter and the API key ID to the Wix Answers callback URL and redirect the user back to Wix Answers.
For example:
Your system redirects the user to Wix Answers: <answers-sso-callback-url>&token=<encrypted sso token>&key=<api key id>
  1. Wix Answers retrieves the encrypted SSO token that was appended to the URL (containing the encrypted user data and the API key ID) and decrypts the SSO token to extract the user data.
  2. Your user logs out.
  • If you configured an SSO logout URL in your Wix Answers account: Wix Answers redirects your users to your logout page. Your system can then remove the relevant cookies and log your user out from your other sites or services.
  • If you did not configure an SSO logout URL in your Wix Answers account: The user is only logged out of your Wix Answers site and continues to be logged in to your other sites and services.

Code Examples

We have compiled the following examples to help you get started:

Related Articles

Bypassing SSO to Log in to Your Wix Answers Account

You can use safe mode to regain access to your Wix Answers account if you're locked out due to an SSO (Single Sign-On) misconfiguration. Learn more about setting up SSO for your users.To log in using safe mode:

1 min read

Setting the Authentication Options for Logging Into Your Wix Answers Account

Choose how you would like team members to be able to log in to your company's Wix Answers account. By default, team members can log in using their email and password or Google account. You must keep at least on

1 min read

Setting Your Help Center's Permissions and Login Options

By default, your Help Center and its content is public and viewable by anyone. You can limit access to your content, choose a login method, and require that users log in to submit tickets. Note:We're currently

2 min read

Adding Okta as a Login Option

Allow team members to sign in to your company's Wix Answers account via Okta single sign-on (SAML SSO). Wix Answers supports SAML 2.0.Note:You must be an admin in your enterprise's Okta account to set up the co

4 min read

Adding Azure as a Login Option

Allow team members to sign in to your company's Wix Answers account via Azure single sign-on (SAML SSO). Wix Answers supports SAML 2.0.Step 1 | Create a New Application in AzureIn your enterprise's Azure accoun

5 min read