SSO Integration
Overview
This document provides instructions for integrating Single Sign-On (SSO) with 1mg. SSO integration allows users to access 1mg services seamlessly from your platform via redirection to TATA1MG main website, creating a smooth user experience.
SSO Flow
In this integration method, users are redirected from your platform to 1mg via an SSO-based integration.
Partner Redirection Flow
User Login: Users log into the partner's portal (mobile app, mobile web, or desktop web).
- Note: The user's mobile number must be collected by the merchant at this stage.
1mg Entry Points: Users see entry points for different business verticals such as 1mg (https://www.1mg.com/) and 1mg Labs (https://www.1mg.com/labs) within the partner's portal.
Redirection to 1mg: Upon clicking the entry point, the user is redirected to the 1mg portal.
Merchant User Experience: The user can browse and interact with the 1mg portal like a regular user, but they will be treated as a merchant user and receive special benefits.
Desktop Web (DWEB)
Mobile Web (MWEB)
- Customization Options: The 1mg home screen can be customized with banners and automatically applied coupons.
Coupon Auto-Application on Cart
- User Tracking: New user signups and traffic can be monitored by 1mg and shared with the partner.
Important Notes:
- The primary field for users in this integration is their mobile number.
- New user signups and existing user logins will always require OTP verification.
- Once the integration is tested in 1mg’s internal environment, the changes can be pushed to production.
- The auto-application of coupons can be tested after going live.
Integration Steps
Credentials Sharing: After onboarding, 1mg will provide the partner with credentials/keys necessary for SSO integration over email.
Merchant Key: The credentials include a merchant_key, which is a unique UUID used to generate the Tokens required for the SSO flow.
Testing Environment: After 1MG has onboarded merchant on our jupiter environment (Testing), update the Host URL to jupiter.
https://api.1mg.com->https://jupiterapi.1mg.comhttps://api.1mg.com/api/v6/b2b/generate_hash->https://jupiterapi.1mg.com/api/v6/b2b/generate_hashhttps://1mg.com?merchant_token=[hash_data]&number=[merchant_user_number]->https://jupiter.1mg.com?merchant_token=[hash_data]&number=[merchant_user_number]
Creating a Token:
- Merchants need to create a token by making a POST request to the following API:
curl --location --request POST 'https://api.1mg.com/api/v6/b2b/generate_hash' \
--header 'X-Access-key: 1mg_client_access_key' \
--data-raw '{
"number": "6249900260",
"merchant_key": "ade99fde-bb38-4f5c-95d3-9d857345bd9c", # Provided by 1mg
"user_id": "1",
"source": "merchant_name", # Provided by 1mg
"redirect_url": "https://1mg.com"
}'Field Description numberMerchant User's Mobile Number merchant_keyUnique Key Provided by 1mg user_idConstant Value (send any string) sourceMerchant Name Provided by 1mg redirect_urlURL to Redirect the User to 1mg Merchant Key for Testing: This will be shared by 1MG for jupiter environment for testing.
Production Key: Provided upon request by 1mg.
Mandatory Headers:
- Include the following header in your API request:
--header 'X-Access-key: 1mg_client_access_key'
- Include the following header in your API request:
Token Usage:
- The API will return a hash_data, which is used for the merchant login on 1mg.
- To initiate the merchant login flow, use the following URL:
https://1mg.com?merchant_token=[hash_data]&number=[merchant_user_number]
Accessing 1mg Interface:
- Use the dummy OTP 214263 on jupiter.1mg.com during pre-staging testing (Note: No OTP will be sent in the pre-staging environment).
Final Notes:
Production Deployment: Contact the 1mg team to push changes to production.
Merchant Key and Whitelisting: 1mg will generate the necessary keys and whitelist the merchant.