- Register your account at sso.tech-iitb.org
- Add your project via "My Projects" dashboard
- Configure your redirect URL
- Copy your Project ID and integrate
Note: New projects require admin verification. Unverified projects are limited to 10 active logins for testing.
ITC SSO provides centralized authentication for IITB applications. Users log in once and access multiple apps seamlessly. Perfect for student projects, clubs, and institutional services.
SSO Authentication and Data Flow
-
1
Redirect to SSO
Send users to:
https://sso.tech-iitb.org/project/{PROJECT_ID}/ssocall/ -
2
User Authenticates
User logs in (or is already logged in). SSO creates a session.
-
3
Callback with Session Key
User redirected back to your app:
{YOUR_REDIRECT_URL}?accessid={SESSION_KEY} -
4
Fetch User Data
POST the session key to get user profile information
Python / Django
# settings.py or config
PROJECT_ID = 'your-project-uuid-here'
# Step 1: Redirect to SSO
from django.shortcuts import redirect
def sso_login(request):
sso_url = f'https://sso.tech-iitb.org/project/{PROJECT_ID}/ssocall/'
return redirect(sso_url)
# Step 2: Handle callback
def sso_callback(request):
session_key = request.GET.get('accessid')
if not session_key:
return redirect('error')
# Fetch user data
user_data = get_user_data(session_key)
request.session['user_data'] = user_data
return redirect('dashboard')
# Step 3: Get user data
import requests
def get_user_data(session_key):
response = requests.post(
'https://sso.tech-iitb.org/project/getuserdata',
json={'id': session_key}
)
return response.json()
# Returns: {
# "name": "John Doe",
# "roll": "210050001",
# "department": "Computer Science & Engineering",
# "degree": "B.Tech",
# "passing_year": 2024
# }JavaScript / React
// config.js
const PROJECT_ID = 'your-project-uuid-here';
// Step 1: Redirect to SSO
function redirectToSSO() {
window.location.href =
`https://sso.tech-iitb.org/project/${PROJECT_ID}/ssocall/`;
}
// Step 2: Handle callback in your redirect page
async function handleSSOCallback() {
const urlParams = new URLSearchParams(window.location.search);
const sessionKey = urlParams.get('accessid');
if (!sessionKey) {
console.error('No session key');
return;
}
// Fetch user data
const userData = await getUserData(sessionKey);
// Store in state/localStorage
localStorage.setItem('user', JSON.stringify(userData));
}
// Step 3: API call to get user data
async function getUserData(sessionKey) {
const response = await fetch(
'https://sso.tech-iitb.org/project/getuserdata',
{
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ id: sessionKey })
}
);
return response.json();
}Node.js / Express
const axios = require('axios');
const PROJECT_ID = 'your-project-uuid-here';
// Step 1: Redirect to SSO
app.get('/login', (req, res) => {
const ssoUrl = `https://sso.tech-iitb.org/project/${PROJECT_ID}/ssocall/`;
res.redirect(ssoUrl);
});
// Step 2: Handle callback
app.get('/auth/callback', async (req, res) => {
const sessionKey = req.query.accessid;
if (!sessionKey) {
return res.redirect('/error');
}
try {
const userData = await getUserData(sessionKey);
req.session.userData = userData;
res.redirect('/dashboard');
} catch (error) {
console.error('SSO Error:', error);
res.redirect('/error');
}
});
// Step 3: Fetch user data
async function getUserData(sessionKey) {
const response = await axios.post(
'https://sso.tech-iitb.org/project/getuserdata',
{ id: sessionKey }
);
return response.data;
}Successful authentication returns:
{
"name": "John Doe",
"roll": "210050001",
"department": "Computer Science & Engineering",
"degree": "B.Tech",
"passing_year": 2024
}Field Descriptions:
name
Full name of the user
roll
Unique IITB roll number
department
Academic department/branch
degree
B.Tech, M.Tech, PhD, etc.
passing_year
Expected graduation year
Handle these HTTP status codes in your application:
Bad Request
Missing or invalid session key in request
Forbidden
Session has expired (valid for 1 hour)
Not Found
Invalid session key or project ID
Secure Storage
Store session keys in server-side sessions or httpOnly cookies. Never expose in client-side JavaScript or localStorage.
Validate Sessions
Sessions expire after 1 hour. Always validate before granting access to protected resources.
Error Handling
Handle network failures, expired sessions, and invalid responses gracefully with clear user feedback.
Cache Data
Cache user data after fetching to reduce API calls. Refresh only when necessary.
/project/{project_id}/ssocall/
Initiates SSO authentication. Redirects to login if needed, then to your callback URL with session key.
/project/getuserdata
Retrieves authenticated user profile data.
Request Body:
{
"id": "session_key_from_redirect"
}Response (200 OK):
{
"name": "John Doe",
"roll": "210050001",
"department": "CSE",
"degree": "B.Tech",
"passing_year": 2024
}- Add your project in the "My Projects" section
- Use the "Test SSO Login" button in project details
-
Verify your app receives the
accessidparameter - Test the user data fetch and session validation
Testing Tip: Unverified projects can have up to 10 active test logins. Request verification for production use.
GitHub Repository
Source code, issues, and contributions
ITC Web Team
Contact for support and assistance
Examples
Check sample implementations above