Skip to main content

sessionLoginWithSSO Mutation

Description

Authenticates a user using single sign-on (SSO), creating a new session. Supports multiple SSO providers with provider-specific authentication methods. Invalidates any existing backoffice sessions for the user. Returns the new session with user information and admin domains.

mutation sessionLoginWithSSO($ssoInput: SSOInput) {
  sessionLoginWithSSO(ssoInput: $ssoInput) {
    _id
    configRef
    type
    user {
      _id
      firstName
      lastName
      name
      email
      addedAt
      type
      hasIntercom
      hasPasscode
      passwordToken
      lastLogin
    }
    jwt
    expires
    createdAt
    origin
    adminDomains {
      _id
      siteName
      active
      domainName
    }
    shopName
    admins {
      _id
      email
      name
      avatar
      hasPasscode
    }
    deviceName
    deviceId
    mfa
    ip
  }
}

Variables

{
    "ssoInput": {
        "type": "type",
        "jwt": "jwt",
        "code": "code",
        "audience": "audience"
    }
}

Response

{
    "sessionLoginWithSSO": {
        "_id": "1e81378f620fc7f20662a487",
        "configRef": "c4eb2fea7cee0c149c851ab3",
        "type": "example",
        "user": {
            "_id": "71ddce5487486e7a78099939",
            "firstName": "example",
            "lastName": "example",
            "name": "example",
            "email": "email@example.com",
            "addedAt": 1759611854110,
            "type": "example",
            "hasIntercom": true,
            "hasPasscode": true,
            "passwordToken": "example",
            "lastLogin": 1743754933912
        },
        "jwt": "example",
        "expires": 1714812101381,
        "createdAt": 1743326479297,
        "origin": "example",
        "adminDomains": [
            {
                "_id": "9ed36c5909de925bce42ca02",
                "siteName": "example",
                "active": true,
                "domainName": "example"
            }
        ],
        "shopName": "example",
        "admins": [
            {
                "_id": "4a9450a67567a4b936ed6660",
                "email": "email@example.com",
                "name": "example",
                "avatar": "example",
                "hasPasscode": true
            }
        ],
        "deviceName": "example",
        "deviceId": "example",
        "mfa": true,
        "ip": "example"
    }
}

Arguments

NameTypeDescription
ssoInputSSOInputSSO authentication input including provider type and authentication credentials (JWT or code).

Returns

Session