Django Single Sign On(SSO) to multiple applications

Single sign on is a way for users to issue a security token for the first time login, login into multiple applications using one set of credentials i.e security token.

Adding sso to an application will make things easier for users, because they dont need to remember login credentials for multiple applications. User just need to enter their login credentials for first time instead of re-entering their credentials for every application login.

In this post, we'll see how to add single sign on to multiple django applications using django-simple-sso.

Using django-simple-sso, we should have single server, multiple clients.

1. Server will have all users information which'll authenticate user details at the time of login, creates token for the first time. Using their security tokens, it'll authenticates user details
2. Each Client or application needs to generate their public key, private key in the server to perform requests securely.

How Django SSO works for multiple applications?

User --> application -- > SSO Server --> application

1. When User log into an application, the client will send a request with next GET parameter, which have redirect url after successful login

2. Request details(application details: public key, private key, redirect url) will be validated at server

3. It returns user request token which'll be created for the first time login

4. Using request token, we're sending a request to server to verify user authorization. For successful authorization, it will return user security token. If user is not loggedin, it'll ask to enter user login details.

5. client will send a post request to server to verify user access token.

6. If the user access token is valid, the server returns a serialized Django User object.

7. The application logs the user in using the Django User recieved from the server.

Server Side:

1. Install django-simple-sso using the following command:

    pip install django-simple-sso

2. Run the following command to store each client or application details, user tokens.

    python migrate

3. Create application or client details(public key, priavte key) in the server side in the django shell.

    from simple_sso.sso_server.models import Token, Consumer

    Consumer.objects.create(public_key='your_application_public_key', private_key='your_application_private_key', name='your_application_name')

4. Add 'simple_sso.sso_server' to INSTALLED_APPS


5. Intialize the server and add the following url patterns to file:

    from simple_sso.sso_server.server import Server

    test_server = Server()

    urlpatterns += [

        url(r'^server/', include(test_server.get_urls())),



Client Side:

1. Install django-simple-sso using the following command:

    pip install django-simple-sso

2. Add Public key, private key, server url to application settings

    SSO_PRIVATE_KEY = 'Your Private Key'

    SSO_PUBLIC_KEY = 'Your Public Key'


3. Initialize the client and add the follwing client urls to application urls:

    from simple_sso.sso_client.client import Client

    test_client = Client(settings.SSO_SERVER, settings.SSO_PUBLIC_KEY, settings.SSO_PRIVATE_KEY)

    url(r'^client/', include(test_client.get_urls())),

Create 2 client apps with the above settings. Add different hostname to your appplication using /etc/hosts file.

visits your applications, it'll ask for user credentials if not logged in already. After successful login, visits other application, user'll be logged in already.

    By Posted On

Need any Help in your Project?Let's Talk

Latest Comments
Related Articles
Implement search with Django-haystack and Elasticsearch Part-1 Ravi Kumar Gadila

Haystack works as search plugin for django. You can use different back ends Elastic-search, Whose, Sorl, Xapian to search objects. All backends work with same ...

Continue Reading...
Django-REST User Level Permissions and Object Level Permissions Chaitanya Kattineni

Django-REST User Level Permissions and Object Level Permissions. User Level Permissions and Object level Permissions allow to serve customers based on their access levels or ...

Continue Reading...
How To Write Custom migrations in Django Shirisha Gaddi

This blog post will help you to get deeper into Django Migrations - how Migrations works and how to create or add our custom migrations. ...

Continue Reading...

Subscribe To our news letter

Subscribe and Stay Updated about our Webinars, news and articles on Django, Python, Machine Learning, Amazon Web Services, DevOps, Salesforce, ReactJS, AngularJS, React Native.
* We don't provide your email contact details to any third parties