This article outlines the different SSO methods available in Sleekplan, so administrators clearly understand where to implement each one and maintain secure, private boards.
Sleekplan offers different Single Sign-On (SSO) mechanisms for different components of the app: the admin dashboard, widget, embedded iFrames, and standalone website. This guide consolidates the available SSO types, and the parts of the Sleekplan app where each can be used, into one brief, easy-to-read support document.
1. SAML-based SSO (Enterprise SSO)
Where you can use it
Admin Backend: Enables your team's authentication into the Sleekplan admin interface.
Standalone Website (Frontend Access): Keeps your board private by limiting access to authorized employees or partner companies.
Key Details
Works with enterprise Identity Providers (IdPs) like Okta, Auth0, Azure AD, Google SAML, OneLogin, PingFederate, etc.
This is Sleekplan’s enterprise SSO option, ideal for scenarios requiring robust identity controls and centralized user provisioning.
Where to set it up in the Sleekplan dashboard?
First, book your SAML add-on via the subscription page in your Admin dashboard.
Once the add-on is booked, you can set up your SAML connection with your IdP in Home > Product Settings.
2. JWT-based SSO (Standard SSO)
Where you can use it
Feedback Widget: Seamlessly authenticates users already interacting with your site against the Sleekplan widget.
Standalone Website board: The standalone website board can also receive SSO tokens via URL parameters.
Sleekplan iFrame: The SSO token is passed in the iFrame URL.
Key Details
Based on JSON Web Tokens (JWT) generated server-side using Sleekplan’s secret key (available in Settings → Developer for Business/Starter plans).
The SSO token is signed using HMAC with SHA-256 (HS256). This is a signature rather than encryption: it protects the token against tampering, but the payload remains readable by anyone who holds the token.
Tokens can carry custom metadata, which is available in your Admin dashboard for further user segmentation if needed.
How to set up JWT-based SSO?
Retrieve your SSO secret key from your Admin dashboard.
Generate the JWT on your server, containing the user data (email, ID, name, custom metadata, etc.).
Depending on where in Sleekplan you plan to use SSO, there are different options for passing the SSO token:
If injecting into the widget:
On page load, using the code snippet:
<!-- User Token -->
<script type="text/javascript">window.SLEEK_USER = {token: 'XXXXXXX',}</script>
<!-- Sleekplan Widget Code -->
<script type="text/javascript">
window.$sleek=[];
window.SLEEK_PRODUCT_ID=XY;
(function(){d=document;s=d.createElement("script");s.src="https://client.sleekplan.com/sdk/e.js";s.async=1;d.getElementsByTagName("head")[0].appendChild(s);})();
</script>
On Single-Page apps using the setUser( data ) method:
$sleek.setUser({token: 'XXXXXXX'});
Asynchronously, by passing the SSO token to the SDK method $sleek.sso from your server-side callback function:
$sleek.sso = function( callback ) {
    // load the current user token from your server-side script
    fetch('https://yourserver.com/your_sso_script/')
        .then(response => response.json())
        .then((data) => {
            // get your userToken
            let userToken = data.ssoToken;
            // return the generated token to the widget
            callback({token: userToken});
        });
};
If injecting the token into the standalone website:
First, make sure to force SSO in your Admin dashboard and include the login URL (Settings > Privacy).
Pass the SSO token as one of:
GET query parameter
POST query parameter
Authorization: Bearer <sso token> header
If injecting the token into an iFrame:
1. Include your product ID to construct the base embed URL: https://embed-{PRODUCT_ID}.sleekplan.app/
2. Append ?sso=YOUR_GENERATED_TOKEN to authenticate the user automatically upon loading the iFrame.
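The server-side step described above (sign the user data with HMAC-SHA256, then hand the token to the iFrame URL) can be sketched as follows. This is an added example, not Sleekplan's code: the claim names (id, email, name, meta), the short exp lifetime, the sample secret, and the verification function (shown only to illustrate what checking an HS256 token involves) are assumptions, and the Dev Docs define the exact fields Sleekplan expects.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import quote

def _b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def _b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _hs256(secret, signing_input):
    return hmac.new(secret.encode(), signing_input.encode("ascii"), hashlib.sha256).digest()

def make_sso_token(secret, user, ttl_seconds=300, now=None):
    """Sign the user claims as a compact HS256 JWT: header.payload.signature."""
    issued = int(time.time()) if now is None else now
    # Short lifetime is this example's assumption; tokens in URLs can end up in logs.
    claims = {**user, "iat": issued, "exp": issued + ttl_seconds}
    parts = ({"alg": "HS256", "typ": "JWT"}, claims)
    signing_input = ".".join(
        _b64url(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    return signing_input + "." + _b64url(_hs256(secret, signing_input))

def read_claims_unverified(token):
    """Decode the payload without the key: HS256 signs, it does not encrypt."""
    return json.loads(_b64url_decode(token.split(".")[1]))

def verify_sso_token(secret, token, now=None):
    """What a receiver of an HS256 token checks: alg, signature, then expiry."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        raise ValueError("unexpected alg")  # refuse 'none' or any other algorithm
    expected = _hs256(secret, header_b64 + "." + payload_b64)
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):  # constant time
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(payload_b64))
    if claims["exp"] <= (int(time.time()) if now is None else now):
        raise ValueError("token expired")
    return claims

def embed_url(product_id, token):
    """iFrame URL as described above: base embed URL plus ?sso=<token>."""
    return "https://embed-%s.sleekplan.app/?sso=%s" % (product_id, quote(token, safe=""))

# Constructed sample values, not real credentials or Sleekplan's exact field names.
SAMPLE_SECRET = "example-secret-not-real"
SAMPLE_USER = {"id": "42", "email": "jane@example.com", "name": "Jane", "meta": {"plan": "pro"}}

if __name__ == "__main__":
    print(embed_url("PRODUCT_ID", make_sso_token(SAMPLE_SECRET, SAMPLE_USER)))
```

Because read_claims_unverified works without the secret, nothing confidential belongs in the token's metadata, and the secret key itself must stay on the server.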
The setup methods above cover the main steps you need to follow for each workflow. For more details on how to configure SSO, see the Single Sign-On section of the Dev Docs.