Single Sign On API
LimeLight CRM Support
October 20, 2017 20:11
Single Sign On functionality is intended for third party Customer service providers logging in to a LimeLight domain.
Please see the attached file at the bottom of the page for an example of how to implement and receive the link necessary for LimeLight Single Sign On. Implementing Single Sign On directly is an advanced feature and is only necessary for tight integration of LimeLight to call center software. Most call centers will be able to use our https://my.limelightcrm.com agent portal to manage single sign on for call center agents.
There are URL based integrations that can be used to link call center software (e.g. Five9) to LimeLight CRM single sign on. When you are assigned a single sign on account as a call center, you will be assigned a group ID. Your system will also need to have knowledge of the client subdomain that you are attempting to access. The format for the "pop URL" will be:
For example, if you are assigned group_id=21 and are attempting to connect to client_subdomain=demoaws:
If the agent has not logged into my.limelightcrm.com before, they will be prompted to login with their assigned username/password, but then be directed straight to the CRM for demoaws (e.g. https://demoaws.limelightcrm.com). The next time the agent takes a call and is directed to a new CRM, they should not have to sign in as long as the session has not timed out. For example if the next call is for client_subdomain=sandboxdemo, the next pop URL will be:
This would take the agent straight into sandboxdemo (https://sandboxdemo.limelightcrm.com) without logging in again.
In the case that a call center wants to directly implement the low level SSO API, the following information would need to be provided by LimeLight to the call center partner.
The required fields to make a successful request are:
- Platform-Key (This will be given to you by LimeLight)
- department_id (These will be given to you by LimeLight)
- username (your agents should have unique usernames in order to track activity of an agent)
- fullname (full name of the agent)
To perform the request, you will send a cURL request to https://<APPKEY>.limelightcrm.com/sso/0 where <APPKEY> is the client that you are requesting the token from. For example, a request would be sent to https://demoaws.limelightcrm.com/sso/0
In the headers of the request, include the following:
- Content-type: application/json,
- Platform-Key: <PLATFORM_KEY>
The <PLATFORM_KEY> value will be provided to you by LimeLight. In addition, a whitelist of IP addresses from the call center that will be making this SSO request MUST be provided to LimeLight in order to set this up.
Finally, for the data portion of the cURL you will include the parameters for the request in JSON format. The required fields are listed above. There are optional fields that can be added to the request:
- campaign_id (This is a csv of the LimeLight campaign IDs that the user will have permission to, if you leave this parameter blank, LimeLight will assume that the user has access to all campaigns)
- email (the email address of the agent)
- call_center_did (inbound phone number the customer called into)
- customer_cid (customer phone number via caller ID)
The response returned will be in JSON format. The values returned are as follows:
A successful response will return a success of 1 and code of 200.
Any failures will return a success of 0, the code for the failure that occurred, and a message with a description of why the request has failed.
// Be sure to update the <APPKEY> and <PLATFORM_KEY> accordingly
$username = '';
$fullname = '';
$department_id = '';
$headers = [
$data = [
'username' => $username,
'fullname' => $fullname,
'department_id' => $department_id,
$curl = curl_init();
CURLOPT_URL => 'https://<APPKEY>.limelightcrm.com/sso/0',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 30,
CURLOPT_SSL_VERIFYHOST => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_HTTPHEADER => $headers,
CURLOPT_POSTFIELDS => json_encode($data),
$response = curl_exec($curl);
if ($results = json_decode($response))
echo 'Something went wrong. Double check your configuration.';