
SSO Integration Guide

Overview

The SSO (Single Sign-On) system is used for automatic login to the trading platform.

It allows user authorization via URL using a special token parameter.

The token is obtained via API and then passed to the WebTrader URL.


SSO Flow


Step 1 --- Token Request

A user from the Aria client sends a request to their backend server.

The backend server sends a request to the platform "ScaleTrade" server.

How to request a token?

Get Token via server API

Response Example

{
  "login": 51,
  "leverage": 100,
  "currency": "USD",
  "type": "100",
  "email": null,
  "country": "United States",
  "first_name": null,
  ...,
  "__token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9..."
}

In response, a login-specific token will be returned.

Token example:

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.
eyJpZCI6OTk5OTk5OSwicm9sZSI6NCwicGxhdGZvcm0iOiJsaXZlIn0.
9PY0qxgVqPxdFZGmURIkPTTgEGcrua-g440mtc4dcN0

Step 2 --- Redirect to WebTrader

Using the received authorization token, perform a redirect via GET:

https://webtrader.{domain}/?token={token}

iframe example:

<iframe src="https://webtrader.{domain}/?token={token}" title="platform"></iframe>

Flow Summary

sequenceDiagram
    participant User
    participant CRM Backend
    participant SSO API
    participant WebTrader

    User->>CRM Backend: Login Request
    CRM Backend->>SSO API: SSOAuthUser
    SSO API-->>CRM Backend: Returns __token
    CRM Backend->>User: Redirect with token
    User->>WebTrader: GET ?token=...
    WebTrader-->>User: Authorized Session

Security Notes

  • Tokens are JWT-based
  • Tokens contain expiration (exp)
  • Always use HTTPS
  • Do not expose master authorization tokens on the frontend
  • The backend should handle token generation
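
The following added example (not ScaleTrade's own code) shows a backend building the Step 2 redirect in line with the notes above: it forwards only `__token` from the API response, reads `exp` from the JWT payload, and refuses tokens that are missing it or about to expire. The function names, `min_ttl`, the `example.com` domain and the sample token are assumptions constructed for illustration, and `exp` is assumed to be a Unix timestamp in seconds.

```python
import base64
import json
import time
from urllib.parse import urlencode


def _b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_sample_token(claims):
    """Constructed JWT-shaped sample; the signature segment is a dummy."""
    header = _b64url(json.dumps({"typ": "JWT", "alg": "HS256"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    return f"{header}.{payload}.{_b64url(b'dummy-signature')}"


def jwt_claims(token):
    """Read the payload claims. This does NOT verify the signature; only
    the party holding the signing key can do that."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("token is not a three-segment JWT")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    claims = json.loads(base64.urlsafe_b64decode(padded))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def build_webtrader_redirect(api_response, domain, now=None, min_ttl=30):
    """Return the Step 2 URL, passing on only __token from the API response."""
    token = api_response.get("__token")
    if not isinstance(token, str):
        raise ValueError("API response has no __token")
    exp = jwt_claims(token).get("exp")
    now = time.time() if now is None else now
    # Assumption: exp is a Unix timestamp in seconds (standard JWT usage).
    if not isinstance(exp, (int, float)) or exp - now < min_ttl:
        raise ValueError("token has no exp or is about to expire")
    # Profile fields (login, email, ...) stay on the backend; only the token leaves.
    return f"https://webtrader.{domain}/?" + urlencode({"token": token})


if __name__ == "__main__":
    resp = {"login": 51, "currency": "USD",
            "__token": make_sample_token({"id": 51, "exp": 2000})}
    print(build_webtrader_redirect(resp, "example.com", now=1000))
```

Decoding the payload here only lets the backend avoid redirecting with a stale token; it is not authentication, which remains WebTrader's job when it receives the token.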