Has Valid SSO Session

Checks whether the current journey is running in the context of an SSO session

Description

This step is used to verify whether the current journey is executed in the context of a valid SSO session, meaning the user's session is still active and has not expired after a successful authentication.

The step also gives access, through its output variable, to information collected by the Enrich SSO Session step during previous runs of this journey. In addition, it automatically loads the @policy.userContext() created during previous runs of the journey in this session.

This step is useful in the following cases:

  1. Perform a silent login if the user is in a valid SSO session.
  2. Inspect previous authentications made in this session and decide if a step-up authentication is needed.
  3. Inspect custom data stored during previous authentications and act on it.

Configuration

Field | Description
Output Variable | If the session is valid, this variable will contain the session information as demonstrated below.

Example

Consider a journey that performs Device Validation, which generates an output variable called key_id associated with the device validation. Keeping the key_id as part of the session enrichment is useful to run inspections and ensure that all SSO activity occurs in the context of the same device during subsequent runs. The Has Valid SSO Session step collects data from previous runs, and allows inspection of this information via its output variable, which provides the session history in the following JSON format:

{
  "enrichment_data": {
    "session": { ... }, // session enrichment data from previous runs, see below
    "token": { ... } // optional token enrichment data from previous runs
  },
  "expires": "1720097135",
  "last_access": "1720097013",
  "session_id": "3176d9bcf1d0b822",
  "session_ttl_seconds": "60",
  "user_id": "7xu7hjb77piod02dgi2ll"
}
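
One way decision logic could act on this output variable to choose between silent login, step-up, and full login, including the same-device check on key_id described above. This is an added example, not part of the product documentation: the function names are hypothetical, and storing key_id at enrichment_data.session.key_id is an assumption, since the page does not show that object's layout.

```javascript
// Added example. Assumption: an earlier run stored the device key under
// enrichment_data.session.key_id (the page elides that object's contents).

// The step reports timestamps as strings of epoch seconds, e.g. "1720097135".
function parseEpochSeconds(value) {
  const s = String(value ?? "");
  return /^\d+$/.test(s) ? Number(s) : null;
}

function decideSsoAction(ssoSession, currentKeyId, nowSeconds) {
  // No output variable means no valid SSO session: run the full login.
  if (!ssoSession || typeof ssoSession !== "object") return "full_login";

  // Fail closed on a missing, malformed, or past expiry.
  const expires = parseEpochSeconds(ssoSession.expires);
  if (expires === null || nowSeconds >= expires) return "full_login";

  const enrichment = ssoSession.enrichment_data || {};
  const storedKeyId = (enrichment.session || {}).key_id;

  // No device recorded for this session, or a different device now:
  // do not log in silently, require step-up authentication instead.
  if (typeof storedKeyId !== "string" || storedKeyId.length === 0) return "step_up";
  if (storedKeyId !== currentKeyId) return "step_up";

  return "silent_login";
}

// Constructed sample in the shape shown above; the key_id values are made up.
const sampleSession = {
  enrichment_data: { session: { key_id: "device-key-A" } },
  expires: "1720097135",
  last_access: "1720097013",
  session_id: "3176d9bcf1d0b822",
  session_ttl_seconds: "60",
  user_id: "7xu7hjb77piod02dgi2ll",
};

console.log(decideSsoAction(sampleSession, "device-key-A", 1720097100)); // silent_login
console.log(decideSsoAction(sampleSession, "device-key-B", 1720097100)); // step_up
```
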