Admin Portal

Empower your customers to configure and manage Single Sign-On settings by themselves

The Admin Portal allows enterprise organizations to easily configure connections between your app and their identity or directory providers. By providing a self-serve portal, you can reduce back-and-forth communication between your team and your customers' teams. Scalekit fully hosts and manages the Admin Portal, offering two integration options:

1. No-Code Admin Portal: Generate a shareable link to the portal and distribute it to your customers through regular communication channels.
2. Embedded Admin Portal: Seamlessly integrate the Admin Portal into your application using an iframe.

1. No-Code Admin Portal

Generate a Shareable Link

Log in to your Scalekit Dashboard.

1. In the Scalekit Dashboard, navigate to the "Organizations" tab.
2. Select the organization you want to provide with access to the portal.
3. Click "Generate Link" to create a new, shareable Admin Portal link.

Important Considerations

• This link is valid for 7 days but can be revoked at any time from the dashboard for security purposes.
• The link can be distributed through communication channels such as email, Slack, etc
• Exercise caution, as anyone with this link can view and update their organization's Single Sign-On settings

2. Embedded Admin Portal

Embedding the Admin Portal within your app provides advantages such as Easy discoverability, Convenient access for making changes on the go, and Reduced navigation barriers for IT admins.

Install the Scalekit SDK, which includes the generatePortalLink() method:

Setup SDK

Node.js

npm install @scalekit-sdk/node

Python

pip install scalekit-sdk-python

Go

go get -u github.com/scalekit-inc/scalekit-sdk-go

Java

/* Gradle users - add the following to your dependencies in build file */
implementation "com.scalekit:scalekit-sdk-java:1.1.2"

<!-- Maven users - add the following to your `pom.xml` -->
<dependency>
    <groupId>com.scalekit</groupId>
    <artifactId>scalekit-sdk-java</artifactId>
    <version>1.1.2</version>
</dependency>

Use the Generate Portal Link API to create a unique and embeddable Admin Portal link for an organization:

Generate Portal Link

Node.js

import { Scalekit } from '@scalekit-sdk/node';

const scalekit = new Scalekit(
  process.env.ENVIRONMENT_URL,
  process.env.CLIENT_ID,
  process.env.CLIENT_SECRET,
);

async function generatePortalLink(orgID) {
  const link = await scalekit.organization.generatePortalLink(orgID);
  console.log(JSON.stringify(link, null, 2));
}

The API will return a JSON object containing the location property, which is the URL to the Admin Portal.

Generate Portal Link (Response Object)

{
  "id": "8930509d-68cf-4e2c-8c6d-94d2b5e2db43",
  "location": "https://random-subdomain.scalekit.dev/magicLink/8930509d-68cf-4e2c-8c6d-94d2b5e2db43",
  "expireTime": "2024-10-03T13:35:50.563013Z"
}

Access the location property and set it as the src attribute of an iframe in your web pages.

Embed Admin Portal in an Iframe

<body>
  <h1>Admin Portal (Embed)</h1>
  <iframe
    src="https://random-subdomain.scalekit.dev/magicLink/8930509d-68cf-4e2c-8c6d-94d2b5e2db43"
    width="100%"
    height="600px"
    frameborder="0"
    allow="clipboard-write"
  >
  </iframe>
</body>

UI Events in the Portal

When the Admin Portal is embedded in your application via an iframe, it can emit events to the parent window. You can capture these events using the window.onmessage method.

Listening to Portal Events in the UI

window.onmessage = event => {
  if (
    event.origin === '<SCALEKIT_ENVIRONMENT_URL>' && // 'https://yourapp.scalekit.dev'
    event.data &&
    event.data.event_type === 'ORGANIZATION_SSO_ENABLED' // Check for the specific event type
  ) {
    console.log(event.data); // Handle the event data
  }
};

Below is an example of the data structure you might receive in your browser console when the ORGANIZATION_SSO_ENABLED event is triggered:

Event Data in Browser Console

Loading...

note

1. The domain of your parent window must be listed in the Scalekit Dashboard > API Config > Redirect URIs for security purpose
2. Always validate the event.origin to ensure events are coming from a trusted source.

Important Considerations

1. The generated link is designed for one-time use and expires after 1 minute.
2. The embedded portal session times out after 6 hours, requiring administrators to complete the configuration within this period.
3. Ensure your domain is listed as one of the Redirect URIs in the Scalekit Dashboard > API Config.
4. Once activated, the IT admin can configure SSO for an extended period. The session remains active until the setup is complete.

The Admin Portal can be customized to match your brand's logo and colors. Refer to the Customize Admin Portal Guide for more information.