This file has been truncated. show original
# Single Sign On (SSO)
The customer management framework supports integration with third-party services for single sign on. Thus, services
like Google, Twitter, Facebook, etc. can be integrated and used as SSO providers for user registration and user login
while the CMF acts as SSO client.
The CMF does not ship with a complete SSO client implementation but rather defines a standard setup how a SSO client
authentication can be implemented. The basic SSO client authentication process could look like the following:
**Scenario 1: Customer is not logged in**
1) Customer clicks on a "Login with RandomProvider" button (e.g. Google).
2) Browser redirects to the provider, user logs in and allows our application to access its data (e.g. an OAuth grant).
3) Browser returns the customer to our site, including details about the provider profile (e.g. a unique ID).
4) We try to find a local customer with such a provider ID ("find a local customer with the ID `12345678` on RandomProvider).
1) If a customer is found, he can be logged in and the process ends.
2) If **no** customer is found, a new customer object has to be created. If additional information of the customer is
needed, a sign-up form can be presented with pre-filled data from the third-party response where the customer can
check and complete the sign-up data.