Portal SSO via auth code exchange
Exchanges a short-lived authorization code for an access token via the Core API, creates a new session, and redirects to the requested path. Used by the portal to embed Sales CoPilot in an iframe.
Flow:
- Exchange `code` via Core API `POST /auth/code/exchange` (Basic auth with SSO client credentials)
- Validate the returned access token via `/user/me` to get user/org info
- Create a new session (always; never reuses an existing one)
- Set session cookie (plus embedded cookie if `embedded=1`)
- Revoke any prior session (best-effort)
- Redirect to a clean URL (no `code` param in the final location)
Query Parameters
- Short-lived authorization code issued by the portal
- Internal path to redirect to after successful authentication
- Set to 1 when running inside a portal iframe. Enables embedded mode cookies and error handling. Allowed values: 0, 1
- Portal theme preference. When set, a theme cookie is stored so the initial render matches the portal appearance without a flash. Allowed values: light, dark
Response
Redirects to the redirect path on success, or to /login?error=sso_failed (standalone) / /embedded-auth-error (embedded) on failure. Returns a redirect on missing or invalid code, or Core API rejection.
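An added example, not the project's code: one way to compute the final redirect location described above, refusing redirect values that are not internal paths and dropping the `code` parameter. The query key `redirect`, the `/` fallback, the helper names and the `https://app.invalid` parsing origin are assumptions.

```javascript
// Added example; helper names, the "redirect" query key and the "/" fallback
// are assumptions, not taken from the project.
const PARSE_ORIGIN = "https://app.invalid"; // constructed origin, used only for parsing

// Returns an internal path safe to redirect to, with any `code` param removed.
function cleanRedirectTarget(raw, fallback = "/") {
  if (typeof raw !== "string" || raw.length === 0) return fallback;
  // Must be a rooted path. "//host" is protocol-relative, so it is rejected.
  if (!raw.startsWith("/") || raw.startsWith("//")) return fallback;
  // Backslashes and control characters are normalised by URL parsers in ways
  // that can turn a path into another host, so refuse them outright.
  if (/[\u0000-\u001f\u007f\\]/.test(raw)) return fallback;
  let url;
  try {
    url = new URL(raw, PARSE_ORIGIN);
  } catch {
    return fallback;
  }
  if (url.origin !== PARSE_ORIGIN) return fallback;
  url.searchParams.delete("code"); // never carry the auth code forward
  return url.pathname + url.search + url.hash;
}

// Failure targets as documented: embedded vs standalone.
function failureLocation(embedded) {
  return embedded === "1" ? "/embedded-auth-error" : "/login?error=sso_failed";
}

// Location header for the SSO response, given the parsed query and whether
// the code exchange and token validation both succeeded.
function ssoLocation(query, exchangeOk) {
  if (!query.code || !exchangeOk) return failureLocation(query.embedded);
  return cleanRedirectTarget(query.redirect);
}
```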