Default and custom authentication tokens

Cross-domain single signon solutions employ authentication tokens that convey an encoded version of the user identity to the destination server. The construction of these tokens by the initial server is called "token creation". The decoding and use of the token by the destination server is called "token consumption". WebSEAL uses built-in token create and token consume modules to allow default CDSSO operation.

Alternatively, we can build custom token create and consume modules to meet the specific requirements of the network and Security Verify Access implementation. Complete information and API reference material for cross-domain external authentication can be found in the IBM Security Verify Access for Web: Web Security Developer Reference.

Parent topic: Cross-domain single signon concepts