Partner SSO
If you're a ChargebackStop Partner, you can integrate custom SSO so that your users can authenticate into their organisations from your application, with no re-authentication required.
Note that this is not for integrating enterprise SSO providers such as Okta or Azure AD for partner or merchant accounts. If you want to enable enterprise SSO login options, please contact support.
These are instructions on how to generate Single Sign-On tokens on your server. These tokens can be used to authenticate your users into our merchant dashboard for your organisations.
1. Generate your Partner SSO Key
Log into your partner dashboard and, under Settings > Single Sign-On (SSO) for Organisations, generate a key. Store this key in a secure environment variable on your server. Do not expose this key in any frontend interface.
2. Get your Partner ID
From your partner dashboard grab the first ID in the URL. For example:
https://dashboard.chargebackstop.com/partners/ptnr_T1Ng7EgYrY7uaKMgPsASE/settings
In this case ptnr_T1Ng7EgYrY7uaKMgPsASE would be your Partner ID.
3. Generate your SSO Token
You can do this in any major programming language. See below for a common example:
Generate Tokens on your Server
These tokens must be used within 15 minutes of issuance (UTC timezone).
Make sure to thoroughly read the documentation for your JWT library and ensure the right security measures are used, such as setting appropriate expiries on JWT tokens.
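```python
import jwt  # PyJWT
from datetime import datetime, timezone

# Placeholder: load the real key from a server-side environment variable
# or secret store; never ship it to a frontend.
private_key = 'YOUR_PRIVATE_PARTNER_SSO_KEY'


def create_chargebackstop_sso_token(email):
    user_data = {
        # Issued-at time in UTC; the token must be used within 15 minutes of this.
        "iat": datetime.now(tz=timezone.utc),
        "user_email": email,
    }
    # Pin the signing algorithm explicitly.
    return jwt.encode(user_data, private_key, algorithm='HS256')
```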
4. Redirect your user
Your user must already be a member of an organisation with your partner account. If the user is not a member, the SSO will fail, and due to security implications you cannot SSO a user that is a member of an organisation outside of your partner account.
The token you generate must be used within 15 minutes of creation, so we recommend only creating these tokens when the user wants to be redirected rather than ahead of time.
Your Base URL will be either https://dashboard.chargebackstop.com or your own white label instance, such as https://chargebacks.example.com. Make sure to redirect your customer to the right one.
Your Partner ID will be the ID we retrieved earlier, such as ptnr_T1Ng7EgYrY7uaKMgPsASE.
Your SSO Token will be the token we generated above. You need to generate this token each time.
Putting it all together
{Base URL}/auth/partner-organisation-sso?partner_id={Partner ID}&token={SSO Token}
For example
https://dashboard.chargebackstop.com/auth/partner-organisation-sso?partner_id=ptnr_T1Ng7xxxxx&token=eyJhbGciOiJIUzI1NiIsInR5cCIyyyyy
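The steps above combined, as an added example that is not ChargebackStop's own code: it mints the token at redirect time, URL-encodes the query string, and adds a local pre-flight check of the 15-minute window that you can run in your own tests. It uses only the standard library so it runs without dependencies; the function names, the check's rules and the CHARGEBACKSTOP_SSO_KEY variable name are assumptions, and the page does not describe how the dashboard itself validates tokens.

```python
import base64, hashlib, hmac, json, os, time
from urllib.parse import urlencode

MAX_AGE_SECONDS = 15 * 60  # page: token must be used within 15 minutes of issuance

def b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_sso_token(email: str, key: str, now=None) -> str:
    """HS256 JWT carrying the two claims the page uses: iat and user_email."""
    claims = {"iat": int(time.time() if now is None else now), "user_email": email}
    parts = [{"alg": "HS256", "typ": "JWT"}, claims]
    signing_input = ".".join(
        b64url(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    sig = hmac.new(key.encode(), signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(sig)

def check_sso_token(token: str, key: str, now=None) -> dict:
    """Pre-flight check (assumed rules): pinned alg, valid MAC, iat inside the window."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        claims = json.loads(b64url_decode(body_b64))
        sig = b64url_decode(sig_b64)
    except ValueError:
        raise ValueError("malformed token") from None
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")  # never take alg from the token
    expected = hmac.new(key.encode(), f"{head_b64}.{body_b64}".encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        raise ValueError("bad signature")
    iat = claims.get("iat") if isinstance(claims, dict) else None
    age = (time.time() if now is None else now) - iat if isinstance(iat, int) else -1
    if not 0 <= age <= MAX_AGE_SECONDS:
        raise ValueError("token outside 15-minute window")
    return claims

def build_sso_redirect(base_url: str, partner_id: str, email: str, key: str, now=None) -> str:
    """Mint the token at redirect time and URL-encode both query parameters."""
    query = urlencode({"partner_id": partner_id, "token": sign_sso_token(email, key, now)})
    return f"{base_url.rstrip('/')}/auth/partner-organisation-sso?{query}"

if __name__ == "__main__":
    # Hypothetical variable name; the fallback is a constructed key for this demo only.
    demo_key = os.environ.get("CHARGEBACKSTOP_SSO_KEY", "constructed-demo-key")
    print(build_sso_redirect("https://dashboard.chargebackstop.com",
                             "ptnr_T1Ng7xxxxx", "user@example.com", demo_key))
```

In production, fail closed when the key variable is unset rather than falling back to a default, and keep the redirect URL out of application logs because it contains a live token.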
If you have any questions, please let our customer success team know and we'll do our best to help you.