How can I implement SingleSignOn when connecting to RingCenral using ringcentral-csharp-client SDK?

  • 1
  • Question
  • Updated 4 days ago
How can I implement SingleSignOn when connecting to RingCenral using ringcentral-csharp-client SDK? We have an inhouse application which instantiates RCclient, in this stage of development we are connecting using main account credentials. Unfortunately we are running into API limits since the app may have many instances (up to 100) for each of our users.

We do not want to ask for RC credentials as we already have SingleSingOn using Office365 working.

Is there a way to make this work with RC connection programmatically?
Photo of Adam Antoszewski

Adam Antoszewski

  • 160 Points 100 badge 2x thumb

Posted 2 weeks ago

  • 1
Photo of Tyler Long

Tyler Long, Official Rep

  • 6,298 Points 5k badge 2x thumb
Hi Adam, I don't quite understand what you want to do here.

Is SingleSignOn a solution for the rate limit issue?  I don't think so. No matter how you sign on, you will have rate limit issue as long as you make too fast requests.

At if all your 100 instance share the same RC credentials, only 5 of them could have active access token at a time. That's a limitation of RC Rest API.
Photo of Adam Antoszewski

Adam Antoszewski

  • 160 Points 100 badge 2x thumb
Our users sign in to the app using SingleSignOn. So we would like create a session with RC under their credentials (phoneNumber and password are used by ringcentral-csharp-client) in order to stay within the limits of tokens and APIs.
We don't want to ask users for their RC credentials.
Photo of Phong Vu

Phong Vu, Devangelist

  • 2,256 Points 2k badge 2x thumb
Hi Adam,

Please read this article as it would guide you to setup SSO for your account users.
https://success.ringcentral.com/articles/en_US/RC_Knowledge_Article/1149

Your frontend app (c# or what ever) will need to implement 3-legged authentication in order to login with SSO.

Hope this helps,
+ Phong
(Edited)
Photo of Adam Antoszewski

Adam Antoszewski

  • 160 Points 100 badge 2x thumb
Our company has implemented SSO for RingCentral access. I also have a test application working with ringcentral-demos-oauth project which redirects to https://service.ringcentral.com.
User then logs in via SSO, but how do I get the token back?
Photo of Adam Antoszewski

Adam Antoszewski

  • 160 Points 100 badge 2x thumb
Also, getting this error when running ringcentral-client-oauth project with "Blocked a frame with origin "http://localhost:8080"; from accessing a cross-origin frame." when expecting token to come back from https://service.ringcentral.com after successful SSO.
Photo of Tony Li

Tony Li

  • 60 Points
In order to do the 3-legged OAuth login flow, you will need to bring up a pop-up browser window and set the 3-legged OAuth URL there. For the security reason, the 3-legged OAuth flow should never happen inside an iframe, which has been explicitly blocked by x-frame-options. It's very similar to the login flow when you try to login this devcommunity.ringcentral.com app with Google ID, you will see the Google login page is brought up in a pop-up instead of being rendered in an iframe.

The above behavior will be enforced in the new version of login page, so for now, embedding "https://service.ringcentral.com" in an iframe will still work.

The problem you encountered with the error - "Blocked a frame with origin "http://localhost:8080"; from accessing a cross-origin frame." - might be the inconsistency of protocol, where your main page is using "http", but iframe is using "https".
(Edited)