Introduction
Less than to read
Welcome to the Sage Authentication Service. This section of our documentation is designed to provide an overview the following:
- What is the Sage Authentication Service?
- Why use the Sage Authentication Service?
- Core Concepts
What is the Sage Authentication Service?
The Sage Authentication Service issues access tokens that can be used by products to call Service Fabric Services.
The tokens that are issued by the Sage Authentication Service contain contextual information about the organisation and or company they are issued to. Note, tokens can be issued directly to an organisation, as opposed to a company within that organisation.
Applications that use the Sage Authentication Service are responsible for creating organisations and companies which can be used to get access tokens.
The Sage Authentication Service also handles security concerns within multiple products, including Payments Acceptance (token creation, token validation, captcha verification and token caching). The Authentication Service is a critical component of Service Fabric.
Why use the Sage Authentication Service?
The Sage Authentication Service is for products that want to integrate with Service Fabric Services such as the ‘Payments Acceptance Service’ or the ‘Banking Service’.
Access to services protected by the Sage Authentication Service is protected on a per organisation or per company level.
Core Concepts
Organisations
The business (Sage Customer) that requires access to a given Service Fabric service. Within the data model of the Sage Authentication Service an organisation is the entity that has one or many companies associated with it. An organisation has the following properties associated with it.
{
"organisationId": "d2ecfd7e-270c-4381-891f-a70603b78b0c",
"name": null,
"sageCRMId": "421aa45c-d464-bcbd-5dc6-7fad891e9119",
"primaryCountry": "CAN",
"adminEmail": "[email protected]",
"defaultLanguage": "FR",
"externalId": null,
"primarySigningKey": "6737760A73B6E9B22BFD308DCF536DB696A7DAF0A45D5017EF70471F6EAD8BF1"
}
Companies
A company in the Sage Authentication Service is a logical entity that belongs to an organisation. An organisation can have zero, one or many companies associated with it. A company has the following properties associated with it.
{
"companyId": "c75ade6a-3f27-4cc5-a81e-35d1cf57eb8f",
"organisationId": "d2ecfd7e-270c-4381-891f-a70603b78b0c",
"name": "Great Company2",
"externalId": "123-123-124",
"logoUrl": "",
"address": {
"addressLine1": null,
"addressLine2": null,
"addressLine3": null,
"addressLine4": null,
"countrySubdivision": null,
"postalCode": null,
"country": null
},
"taxNumber": "1231231",
"standardIndustrialCode": "123",
"contactTelNo": "+44 (0)191-294-3481",
"contactEmail": "[email protected]"
}
Integration types
- Cloud application - A server side web application running in a Sage owned environment. These applications are considered trusted and can be issued application signing keys.
- On-premise application - A server-side web application running in a third-party environment. These applications are not considered trusted, therefore, they must receive tokens from the ‘Sage Token Service’ and use them as part of a captcha process to confirm human interaction.
- Desktop application - An application installed on a user owned device. These applications are not considered trusted, therefore, they also must receive tokens from the ‘Sage Token Service’ and use them as part of a captcha process to confirm human interaction.