Remote User Management (SSO) Service
The Remote User Management service is a Digital River™ single sign-on (SSO) API for clients. The API allows end users to sign on once and navigate across multiple domains. Clients can choose to pass user attributes that you can use to customize session management (for example, target merchandising) or order management (for example, capture user attributes as part of the order).
When using SSO, you can assume the following:
- The client is the primary record for user information
- Digital River acts as a replica and updates user information from the primary as needed
- Digital River allows creation of new users and sends the registration information to the primary for validation
My Account Assumptions
Digital River sites contain a MyAccount section for self-service activities that allows you to manage accounts/orders/billing options/subscriptions for end-users. With SSO in place, you can assume the following:
- User information updates go to a page hosted on a client site. The page can be either a pop-up page or a direct link with a return_to URL.
- Forgot Password links goes to a client site. (Typically this is a pop-up window.)
- Digital River pages perform order/billing options/subscription management.
High-level Overview Diagram
- A customer can either sign on to the Site/Offering at Client or sign on at Digital River. Remote Login calls verify the login request.
- The Client hosts the My Profile pages, where customers can update their email address and address book. The Client can also collect additional information not required by Digital River (for example, Employee Identification Number (EIN), and so on).
- Digital River hosts the My Payment Information and My Order History pages. The customer can update billing account information through Digital River and view order details.
- The Remote Login Request/Response occurs when a customer signs on through Digital River. This sign on allows the customer to be logged in to Digital River and the Client simultaneously.
- The Remote Session Validation Request contains a Client token that is validated by the Client. The Remote Session Validation Response passes the Client's Unique Authenticating ID to Digital River as the External Reference ID.
- The Get User Profile Request/Response retrieves updated customer information from the Client. The call is initiated when the customer signs on to Digital River, ensuring that Digital River has the most up-to-date information from the Client.
- At the time of purchase, the Create User Request/Response validates new customer accounts at the Client. If a new account was created, the call to the client retrieves a new Unique Authenticating ID (External Reference ID) for the new customer account.