Single Sign-On (SSO)

Working with single sign-on tokens for the Fusebill self-service portals.

The Self-Service portals provided by Fusebill support Single Sign-On (SSO)

Assuming the Self-Service portal has already been created and SSO has been enabled, this tutorial provides the steps necessary to provide SSO authentication to the Fusebill Self-Service Portal from your own application.

Note that in order to set up single sign-on, it either needs to be configured by Fusebill staff (for v1/custom/legacy pages) or on your portals page (for v2/self-managed pages).


Test before deploying.

While single sign-on is enabled, customers will not be able to log into the login page provided by fusebill for the self-service portal.

It is strongly recommended that you ensure this works in a sandbox or staging account prior to deploying this for use with your customers and enabling SSO in your live account.

Generate a token for the customer

Generate a token for the customer using the Read Token endpoint.


Notes About Tokens

  1. Each token that is generated is valid for a single customer that is specified in the URL.
  2. Generating a token for a customer will invalidate all previous tokens for that customer.
  3. The token is consumed on use, i.e it can only be used once.
  4. The token expires very quickly, so the customer should be directed to their portal as soon as the token is received.

A sample request/response is shown below:

GET /v1/SingleSignOn/GetSingleSignOnToken/339686 HTTP/1.1
Authorization: Basic {{YourAPIKey}}
Cache-Control: no-cache

Direct the Customer to the Portal

The homepage of your Self-Service portal will be:

To log the customer into the Self-Service Portal using the generated token, we append the token to above URL like so

The above URL will automatically log the customer into the portal under the Fusebill ID specified in the request, and consume the token.


Directing to other areas of the portal

You can direct the customer to a sub-page within the portal, for example the payment method page. All available URLs are listed below


Note Regarding SSO in Staging Environment

HTTP instead of HTTPS must be used, otherwise you will receive an ERR_CONNECTION_REFUSED error.

Sandbox accounts are in the production environment and use https and


Error 400: "Single Sign-on not enabled."

Single sign-on has not been enabled for your portal. If this is a self-managed portal, you will need to log into the admin panel, navigate to the portals section, and then enable SSO. Note that while this is on, users will not be able to log into the Self-Service portal through the login pages provided by Fusebill.