# Web Portal Integration FibriCheck offers a web portal for healthcare professionals to manage patients who are performing measurements. It's possible to redirect users to a specific page within the portal without that user having to log in, using a pre-generated link that contains authentication information. Possible use cases for this feature are: * **Easy redirect** - redirect users from the patient record software directly to the correct page in the FibriCheck Portal, without the user having to log in. * **Context Integration** - by using the URL, the FibriCheck Web Portal can be easily embedded in third-party software through an iframe. {% embed url="" %} ### Structure of the redirect URL The image below shows the important parts of the redirect URL:

Example of a single sign-on redirect URL

In the following URL, the parts that need to be replaced are indicated with curly brackets `{{ }}`: ``` https://pages.dev.fibricheck.com/consume_ssotoken/?ssoToken={{token}}&redirect=https%3A%2F%2Fpages.dev.fibricheck.com%2Fportal%2F%23%2Fpatients%2F{{userId}}%2Fdetails%2Foverview ``` ### How to generate an SSO token? `POST` `/auth/v2/oauth1/ssoTokens/generate` Executing this endpoint will generate a single sign-on token for the authenticated user. The endpoint does not require a body.\ \&#xNAN;*This endpoint requires being authenticated through an OAuth1.0 application.* **Response** {% tabs %} {% tab title="200" %} ```json { "userId": "6422a0d97db02e7197c8dfcf", "createdByApplicationId": "5811ccc246e0fb0006efdc8d", "ssoToken": "bc7a175f3e36b7a84aacfcf98428d1ed61d54800", "updateTimestamp": "2024-08-12T09:30:57.778Z", "creationTimestamp": "2024-08-12T09:30:57.778Z", "id": "66b9d651e18f465bbdf5ad7f" } ``` {% endtab %} {% endtabs %} ### Use correct credentials to generate an SSO token An SSO token will always be generated for the authenticated user executing the API call. As a consequence, the generated token will have the same data access as the authenticated API user. In cases where a single third-party platform serves multiple organizations, it's important to use separate organization-specific credentials to generate the SSO token.
In FibriCheck, data from different organizations is scoped to different groups. The *System Integration User* has access to all the data of all organizations using FibriCheck through the third-party platform. When an SSO token, generated using this *system integration account,* is shared with organization A, that token would also provide access to data of organization B in the FibriCheck portal. To avoid this, separate HCP users are typically created by FibriCheck that only have access to data of a single group. **Always use organization-specific HCP user credentials when generating SSO tokens** to ensure access is limited to a single group. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.fibricheck.com/introduction/web-portal-integration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.