Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Problem in setting up SSO with jsconnect

My vanilla version is 2.5.3 and jsconnect plugin version is 1.5.5. I followed the documentation ( to installed basically everything I can comprehend but still I have something that I do not understand.

As the document writes:
"When linking or redirecting signed-in users to your forum, use the /sso endpoint on the forum. This triggers jsConnect’s user lookup on the connection with “default sign in method” selected without the user needing to click. Optionally, you can provide a Target parameter with a relative path to specify where they should ultimately land on the forum. Example: This is the final critical step in a fully seamless experience."
I do not quite understand where I can find the /sso endpoint on the forum. I read some posts which state that I need to direct my webpage to "myforum/sso". However, it seems like the url does not even exist.

At the forum side, my setting is like:
Authentication URL: http://localhost/helpcareconnect/production/sso_info.php
Sign In URL: http://localhost/helpcareconnect/production/login.php?src=vanilla
Registration URL: http://localhost/helpcareconnect/production/login.php#signup?src=vanilla
Sign Out URL: http://localhost/helpcareconnect/production/login.php

And at my website side, the Authentication file is like:
require_once dirname(FILE).'/functions.jsconnect.php';

// jsConnect settings information
$clientID = "1635577339";
$secret = "331cfe98027574f98fcdeba3f9d6e960";

// Grab the current user from your session management system or database here.
$signedIn = true; // this is just a placeholder

// Fill in the user information in a way that Vanilla can understand.
$user = array();

if ($signedIn) {
$user['uniqueid'] = $_SESSION['username'];
$user['name'] = $_SESSION['firstName'] . ' ' . $_SESSION['lastName'];
$user['email'] = $_SESSION['username'];
$user['photourl'] = '';

$secure = false;
writeJsConnect($user, $_GET, $clientID, $secret, $secure);
header ('../forum');

Now, I have a good response from my endpoint by the test url. That is the result i got:

test({"email":"","ip":"","name":"xxx xxx","nonce":"jsconnect_5b88380cbe03e8.00925007","photourl":"","uniqueid":"","client_id":"1635577339","sig":"b23b67ca38fdeb2f15cbec8ec0340a8b","v":"2"})

However, I still cannot make the forum sign in. Every time I click the 'sign in with xxx', it directs me back to my own sign in webpage. And even if I sign in at my own webpage again, it just directs to my own dashboard instead of the forum. I am stuck that how i can direct my webpage to the forum. It seems like I missed something important.

Anyone have some thoughts on it? It almost ruins my week...


Sign In or Register to comment.