DTA SSO Implementation

# DTA SSO Implementation To make the user experience between MyDTA and PEP as seamless as possible, we propose the following "Single sign-on" flow. ## How it works This is a the "Happy Path" we can take if we sync all registered users to PEP ```sequence Note over MyDTA,PEP: Registered users are synced\non a scheduled basis or\n in realtime via webhook Note left of MyDTA: User clicks "View PEP" Note over MyDTA: Gets "View PEP" request MyDTA->PEP: Request Login Link for User by Email Note over PEP: Finds User with Email PEP->MyDTA: Responds with Login Link Note over MyDTA: Redirects to Login Link MyDTA-->PEP: User is Redirected Note right of PEP: User authenticated in\nPEP DTA Dashboard ``` ## API Details ### Get Login Link #### `GET` `https://api.ms-pep.com/login/link` ### Headers | Name | Description | |-|-| | x-api-key | **Required.** API Key to make an authorized request. | ### Query Params | Name | Description | |-|-| | email | **Required.** The email address of the user to get the login link for. | | syncId | string: (Optional) A ProfileId of a the Profile to sync to PEP if the user isn't found. | | create | boolean: (Optional) Should a user record be created if one isn't found. | | partnerIdentifier | string: (Optional) The Partner One ID the user should be added to if they need to be created. | | name | string: (Optional) The full name for the user that should be created. | | program | string: (Optional) The unique key of the program the user should be granted access to. Ex. `dta` | | returnUrl | string: (Optional) Where to go after logging in. | ::: info We recommend a `returnUrl` of `/hub/dta/dashboard` so that the user is automatically redirected to the DTA Dashboard after login. ::: ### Examples #### User already exists ``` curl --location --request GET 'https://api.ms-pep.com/login/link?email=justinm@demopartner.com&syncId=123456-1234-1234-12345&returnUrl=/hub/dta/dashboard' \ --header 'x-api-key: 12345DEMOAPIKEY' \ ``` #### User doesn't exist ``` curl --location --request GET 'https://api.ms-pep.com/login/link?email=justinm@demopartner.com&create=true&program=dta&partnerIdentifier=1234567&name=Justin Maier&returnUrl=/hub/dta/dashboard' \ --header 'x-api-key: 12345DEMOAPIKEY' \ ```