Retaining session when redirecting to SSO site from foxy cart site

tushar_bsiltushar_bsil Member
in Help edited June 2013
Hi There,

I am using SSO and the flow is like this
1. User clicks on add product on our site and it takes them to foxy cart cart page
2. They click checkout and since SSO is activated they come back to our site for logging in
3. we validate credentials and then redirect them to foxy cart checkout page passing appropriate authkey for this customerid
4. customer completes order and gets redirected back to our site.
Issue - when customer is on our site (step 1) their info is in our session say session 1, when they come back from foxy cart after completing order (step 4) they do land with correct session. However, when they are redirected to our site for SSO (step 2) it creates diff session, say session 2.
Since login is created in session 2, when they come back to our site after completing the order (which gets into original session) our site thinks user is not logged in and hence does not show order details for that customer.

Is there any setting/parameter that needs to be passed to cart site for SSO link landing our site on correct session?

Thanks for your help.

  • winstonwinston FoxyCart Team
    edited June 2013

    Can you confirm you're using the latest version of the FoxyCart api? And could you post the URL? Feel free to whisper if it need be.
  • Yes we do use latest api, not sure if i can post url as its a live site and prefer not to mess it up.
  • fc_adamfc_adam FoxyCart Team

    If you could whisper us your store details, that would be awesome - that way we can look at your store settings to see if anything looks off. We won't be placing any transactions through the store at all. You can whisper the details by clicking the "whisper" checkbox and entering my username in the box that appears.

    In your workflow, in step 2 we are simply performing a redirect back to your site, so you should be able to access the same session for your existing customer. Are you using a specific system to manage your site? There may be some script(s) you need to include on your SSO script in order to access the current users session, which would explain why it's not finding it in your script.
  • fc_adamfc_adam FoxyCart Team

    Thanks for whispering those details.

    In your SSO endpoint, are you missing any code that you have in other sections of your website to access the current session data? That's where I'm leaning at this point after looking at your settings.

    Also, your SSO endpoint just links to your login page - do you have logic there that checks if a user is already logs in, and if so sends them straight over to the checkout page rather than showing the login screen? Details on that approach here:
Sign In or Register to comment.