MindTouch offers a way to automatically redirect users to your Single Sign-On (SSO) endpoint. This document should be used when setting up a custom SSO endpoint, where your expect all of your users to authenticate through the same endpoint.
By default, when anonymous users try to log in to MindTouch, they are redirected to the Special:UserLogin page. However, if you are using a custom SSO authentication method, those users would need to log in to your SSO portal which sets up their user account and login. MindTouch Support can change the default login endpoint from 'Special:UserLogin' on the MindTouch site to instead point to your SSO endpoint, and include a URL parameter so your endpoint can redirect the user back to the desired page.
The simple redirect only passes in the URL to the topic the user tried to access in MindTouch. This approach is immediately useful for most SSO endpoints as they will often have a 'redirect' parameter ready to go with minimal conversion. However, this approach will not work for Content ID links to MindTouch, as they will not include the CID URL parameter.
Example simple redirects
In addition, MindTouch offers a more complex redirect, where the full MindTouch URL and its parameters are URL encoded and passed to your SSO endpoint. Using this method means you can maintain URL parameters such as the Content ID, as well as any custom URL parameters you want to use with your SSO endpoint.
However, note that your SSO endpoint will need to parse and decode the parameter in order to be able to read the extra URL parameters and redirect correctly.
Example URL encoded redirects
If there is an issue with your SSO endpoint, and you need to login to your MindTouch site with this setting enabled, you will need to access your MindTouch URL at the Special:UserLogin page directly. For example, you can always log in using a local account by going to the
example.mindtouch.us/Special:UserLogin URL, replacing 'example.mindtouch.us' with your site's canonical domain name.
For more information on setting up a login redirect with your custom SSO implementation, please contact MindTouch Support and a support representative will be in touch to update this for your site.