SSO Authentication in CDC

Hello Experts,

We have created the site group for SSO (under Parent site, we have added 2 child sites).

We are not able to see the SSO experience on the sites, i.e. the functionality of being automatically logged in to the sites.

I have a few questions related to SSO.

Do we need to add any code on the 'onLogin' event for SSO?

Is it compulsory to implement Gigya as a SAML IdP/OpenID for SSO?




2 Answers

  • Posted on Mar 05 at 02:43 PM

    Hi Kalyani Patil,

    In some browsers you may have different SSO experiences due to restrictions that have been enforced by the browsers. Since August 2019, SSO between different domains does not work on Safari and Firefox browsers, due to tracking prevention features that target adtech. These browser changes impact SSO capabilities offered by many CIAM vendors, including SAP Customer Data Cloud. To implement SSO in these situations, see SSO with Browser Tracking Prevention.

    Additionally, we have a blog covering this topic that is worth reviewing.

    If you require any guidance around the architecture and implementation of SSO across your sites then I would recommend engaging with Professional Services and reaching out to your Account Manager.




  • Posted on May 07 at 05:27 PM

    Hi Kalyani Patil,

    Can you try the following in the Chrome browser?

    Once you are logged into site A, open site B in another tab, on the page where you have the CDC screen sets hosted, and see whether you are automatically logged in or not, as the screen set should pull in your data automatically since SSO is enabled in your configuration. If you see the data in the screen set, then you know the session has started in the new site as well, so there is probably an issue with the CMS not managing it well.

    Alternatively, you can also do the following: once logged into site A, go to site B, open the developer tools, and in the console type gigya.accounts.getAccountInfo(). You should see a network call with the relevant API call if your session is established.

    You do not need any SAML/OIDC if the sites belong to the same parent.


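The console check from the second answer, written out as an added example (not part of the original thread and not SAP's own code): it calls gigya.accounts.getAccountInfo with a callback on site B and reports whether a session exists and whether it belongs to the same user as on site A. The helper names checkSsoSession, classifyResponse and makeStub, the verdict strings and the sample responses are assumptions made for illustration.

```javascript
// Added example. errorCode, errorMessage and UID are fields of the Web SDK
// response; every function name and verdict string here is hypothetical.
function classifyResponse(res, expectedUid) {
  if (!res || typeof res.errorCode !== 'number') {
    return { verdict: 'no-response', detail: 'SDK returned no usable response' };
  }
  if (res.errorCode !== 0) {
    // Non-zero errorCode: site B has no session for this browser.
    const detail = (res.errorCode + ' ' + (res.errorMessage || '')).trim();
    return { verdict: 'no-session', detail: detail };
  }
  if (expectedUid && res.UID !== expectedUid) {
    // A session exists, but not for the account that logged in on site A.
    return { verdict: 'different-user', detail: 'UID ' + res.UID };
  }
  return { verdict: 'session-established', detail: 'UID ' + res.UID };
}

function checkSsoSession(sdk, expectedUid, report) {
  if (!sdk || !sdk.accounts || typeof sdk.accounts.getAccountInfo !== 'function') {
    report({ verdict: 'sdk-missing', detail: 'gigya Web SDK is not loaded on this page' });
    return;
  }
  sdk.accounts.getAccountInfo({
    callback: function (res) { report(classifyResponse(res, expectedUid)); }
  });
}

// Constructed stand-in for window.gigya so the example also runs outside a browser.
function makeStub(response) {
  return { accounts: { getAccountInfo: function (params) { params.callback(response); } } };
}

// Constructed sample responses (not captured from a real site).
const loggedIn = { errorCode: 0, UID: 'uid-from-site-a' };
const loggedOut = { errorCode: 403005, errorMessage: 'Unauthorized user' };

if (typeof window !== 'undefined' && window.gigya) {
  // In the browser console on site B, after logging in on site A.
  checkSsoSession(window.gigya, null, function (r) { console.log(r); });
} else {
  checkSsoSession(makeStub(loggedIn), 'uid-from-site-a', function (r) { console.log(r); });
  checkSsoSession(makeStub(loggedOut), 'uid-from-site-a', function (r) { console.log(r); });
}
```

A "different-user" verdict means site B holds a session for another account, which is worth ruling out before concluding that the site group's SSO is working.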
