Alternative to Single Sign On.

[vanderLeest 5]

I have setup 2FA for external users.

To enable an extra level of security (for malicious hackers) as well as an already trusted user interface/landing page for internal users, my  idea is to route internal users through another application named PALMS, which they are already familiar with.

As they log into PALMS, their login instance receives a unique token (picked from a table with 1 Million predetermined tokens). My Caspio app will have an identical table of with the same 1M tokens.

The link from a PALMS page to the Caspio App will have the following structure: <a href="URL?AppKey=[@Token]&Emp_ID=[@Emp_ID]">Caspio App</a>.  

Can I create something on landing on a Caspio page that will pick up the Token and Emp_ID from the URL and to store it in  table and verify a my version of the Token table and Staff table?

Any help appreciated.

NB Single Sign-On (SSO) via Caspio is only available through a Corporate plan and hence too expensive for us.
 

[SinJunYoung 19]

Hi, I recommend the ID services SSO https://howto.caspio.com/authentications-and-connections/authentication/ for the function. For security purposes, they are not recommending SSO workaround and this is also to avoid issues with data privacy and all. So unless we try the standard SSO under corporate plan, it is better to use the custom authentications.