The SSO authentication model for native OpenEdge SSO tokens follows the HTTP BASIC model, where a client’s identity is authenticated on each HTTP request. The difference between the two is that HTTP BASIC sends the user ID and password on each request, whereas SSO sends an encoded SSO token on each request.

Client request

The HTTP 1.1 format for the request is:

"Authorization : " + token_type + " " + access_token

For OpenEdge, the client request is:

Authorization : oecp b64-oecp-sso-token 

HTTP status codes

  • 200 indicates success.
  • 401 indicates an SSO authentication failure.
    WWW-Authenticate : oecp error=401,
    error_description=error-desc
    token-error-code
    For more information on token-error-code, see SSO token error codes.
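
The request header and 401 challenge described above, as an added example (not OpenEdge or Progress code): a server-side check that extracts the oecp token and builds the challenge, plus a client-side parser for it. The `validate` callback, the sample token, the standard base64 alphabet, and joining the challenge's three lines with spaces are assumptions.

```python
import base64
import binascii
import hmac

SCHEME = "oecp"  # token_type the page gives for OpenEdge

def extract_token(header_value):
    """Return decoded token bytes from an Authorization value, or None if malformed."""
    parts = header_value.split()
    if len(parts) != 2 or parts[0].lower() != SCHEME:  # auth schemes are case-insensitive
        return None
    try:
        # Assumption: standard base64 alphabet (the page only says "b64").
        token = base64.b64decode(parts[1], validate=True)
    except (binascii.Error, ValueError):
        return None
    return token or None

def challenge(error_desc, token_error_code):
    """401 challenge value; the page's three lines are joined with spaces (assumption)."""
    return f"{SCHEME} error=401, error_description={error_desc} {token_error_code}"

def authenticate(headers, validate):
    """Check one request. `validate` is a hypothetical stand-in for real token validation."""
    token = extract_token(headers.get("Authorization", ""))
    if token is None or not validate(token):
        # Placeholders from the page; real codes are listed under SSO token error codes.
        return 401, {"WWW-Authenticate": challenge("error-desc", "token-error-code")}
    return 200, {}

def parse_challenge(value):
    """Client side: split a WWW-Authenticate value into scheme and parameters."""
    scheme, _, rest = value.partition(" ")
    params = dict(p.strip().split("=", 1) for p in rest.split(",") if "=" in p)
    return scheme, params

# Constructed sample data, not a real OpenEdge token.
SAMPLE_TOKEN = b"constructed-sample-token"
SAMPLE_HEADER = "oecp " + base64.b64encode(SAMPLE_TOKEN).decode()

def sample_validate(token):
    """Constructed validator: constant-time compare against the sample token."""
    return hmac.compare_digest(token, SAMPLE_TOKEN)

if __name__ == "__main__":
    for hdr in (SAMPLE_HEADER, "Basic dXNlcjpwdw==", "oecp not*base64", ""):
        print(repr(hdr), authenticate({"Authorization": hdr}, sample_validate))
```

Decoding the header only shows that it is well formed; the accept or reject decision comes from `validate`, which here stands in for OpenEdge's own token validation.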