Skip to content
Developerhome
Product homepage
Authentication Service

Get started

  Less than to read

You need to onboard and integrate your application with Sage so you can use our services.

Follow our step-by-step guides to get started.

Our guides explain how to:

  • Steps before onboarding
  • Download and set up Postman
  • Onboard a cloud application
  • Generate X-signature

Steps before onboarding

Prior to onboarding an application and allowing it to create organisations and companies, for which access tokens can be generated to call Service Fabric Services, your application must be created in the Sage Authentication Service. In order to do this you need to raise a ‘service now ticket’.

Select Cloud Ops Services, then select Submit a CloudOps Services (LSM) Ticket.

Specify that Sage Authentication Service is the product to notify Cloud Operations.

An example of the service now ticket is included below.



Example Service Now Ticket



Make sure to include the following additonal details on your ticket.

  • What product you want to use the Sage Authentication Service with.
  • The name of the application that needs setting up. This is usually in the format of sage.location.product. e.g. sage.fr.accounts. (This is used later as the X-Application header in requests to the Sage Authentication Service.)
  • Which service fabric services to expect to use tokens from the Sage Authentication Service against.
  • The contact details for the engineers on your product who are responsible for any issues that arise.

Please note that for Cloud Applications you will need to recieve your application signing key, which is generated as part of the on-boarding process in order to be able to continue.

Download and set up Postman

Postman lets you see Sage Authentication Service in action.

You’ll need the ID and signing key of your Sage application before you can start to use our Postman collections.

Find out more about downloading and setting up Postman.

Onboard a cloud application

You can onboard a cloud application with any of our services in 4 steps.

Learn more about how to onboard a cloud application.

Generate X-signature

To generate X-signature, you’ll need to:

  • Prepare a base string
  • Compute HMAC-SHA1

Follow our guide on how to generate X-signature to find our more.

Signing key rotation

Organisation signing keys are used to sign requests to the Sage Authentication Service’s token endpoint to get access tokens that are used to create companies.

Signing keys are rotated every 30 minutes. It is expected that products integrating with the Sage Authentication Service check for the updated signing key and start using the updated signing key to sign requests. The requirement for products integrated with the Sage Authentication service to rotate their signing key is indicated by the presence of the X-Rotate-key header on the response from the token endpoint.

The X-Rotate-key header contains the value of the new signing key that products should use to sign future requests to the token endpoint.

Products integrated with the Sage Authentication Service must check for the presence of this header in responses from the token endpoint and rotate their keys accordingly.

Network Directory Integration

The Sage Authentication Service supports integrations with the Network Directory Service. When a product is integrated with the Network Directory Service they can recieve access tokens from the Sage Authentication Service that contain mailbox id’s.

More information about how to integrate with the Network Directory Service can be found here.

In order for products to be enabled for the Network Directory Service inside the Sage Authentication Service a change must be made. This can be requested by raising a service now ticket.