RemitWeb Single Sign-On
The RemitPlus Express and RemitWeb SSO authenticates operators who are already provisioned on the respective platform. Neither automatic provisioning nor rights management is supported by this method. The SSO uses a shared secret and tokenization for security and supports a configurable timeout window for all requests (default 10 minutes).
| Name | Description |
|---|---|
| Shared Secret | The SharedSecret is a random alpha-numeric value created/generated by RemitPlus. This value will be supplied to you during setup and is required to recreate the ConnectionString value. |
| Provider Name | The ProviderName is a value created/defined by RemitPlus. This value will be supplied to you during setup and is required to recreate the UniqueID value. |
| FI Number | The FINumber is a 4-digit numeric value. This value is supplied during setup. |
| UniqueID | This is a unique HTML encoded hexadecimal value corresponding to the specific end user being delivered to RemitWeb. The value passed is an HTML encoded SHA512 hash of the following: ProviderName|CompanyID|UserId |
| DTValue24 | (DateTimeValue24) This value is a (UTC) DateTime string formatted as “yyMMddHHmmss” where the “HH” component is the hour value derived from a 24-hour clock. |
| ConnectionString | The HTML encoded hexadecimal value corresponding to the specific “instance” that an end user (UniqueID) accesses the application. The ConnectionString includes a DateTimeValue24 component and thus changes with each handoff. The ConnectionString is an HTML encoded SHA512 hash of the following (concatenated) values (do not include ‘+’): UniqueID + DTValue + FINumber + SharedSecret |
| ReferringApplication | Static string value identifying the application initiating the SSO handoff. |
| UserId | String value corresponding to the end user’s UserId. This value is used to validate the UniqueID. The combination of UserID and CompanyID uniquely identifies an end user in the RemitWeb environment. Passed as clear text. |
| CompanyID | Alpha-numeric value corresponding to the end user’s CompanyId. RemitPlus will provide you with this value. This value is used to validate the UniqueID. The combination of UserID and CompanyID uniquely identifies an end user in the RemitWeb environment. Passed as clear text. |
Example SSO Handoff Parameters Communication:
- RemitWeb URL= https://[RemitWeb Lockbox URL]/RemitWebSSOLogin.aspx
- FINumber = [Provided by Jack Henry]
- SharedSecret = [Will be provided by Jack Henry via separate secure email]
SSO Test User Settings (for Unique ID)
- ProviderName = [Provided by Jack Henry]
- CompanyID = [RemitWeb Company Name, Provided by Jack Henry]
- UserID = [RemitWeb SSO User Name, Provided by Jack Henry]
The UserId and CompanyID are values that must be set up for each SSO user in RemitWeb (see the latest RemitPlus Operations Guide for more information).
Sample SSO Handoff Form
- UserId: ssouser
- CompanyID: 12345
- ProviderName: SSOTest123
- SharedSecret: 84f6abad-1835-44fe-890c-5d5ebc398b9e

```html
<form
  name="handoffForm"
  action="https://www.remitplusexpress.com/RemitWebSSOLogin.aspx"
  method="post"
>
  <input type="hidden" name="FINumber" value="1111" />
  <input
    type="hidden"
    name="UniqueID"
    value="Ne2x1edLR6RYeu40xIcM0gfe0VVsc9hgeJfF9mKEV1kdYgYk+GFGCjnlsm2ZkHwTU2bLZpw0oUDKV4uw6RdSzA=="
  />
  <input type="hidden" name="DTValue" value="110224204159" />
  <input
    type="hidden"
    name="ConnectionString"
    value="V7Nsad8NhuAsF032JCeLrvaos1pVbhLyAskakWdkXw+l5blV+3KNyA8koZp6VpznDQ2XQ6BD095Tv8oTBnqPTQ=="
  />
  <input type="hidden" name="ReferringApplication" value="YourAppName" />
</form>
```
C# sample for UniqueID
ProviderName|CompanyID|UserId

```csharp
string stringToHash = "SSOTest123|12345|ssouser";

static String UniqueId(string stringToHash)
{
    // SHA-512 over the UTF-8 bytes of the input, Base64-encoded, then HTML-encoded.
    using (var sha512 = System.Security.Cryptography.SHA512.Create())
    {
        var bytes = System.Text.Encoding.UTF8.GetBytes(stringToHash);
        var hash = sha512.ComputeHash(bytes);
        var base64Hash = Convert.ToBase64String(hash);
        return System.Net.WebUtility.HtmlEncode(base64Hash);
    }
}
```

UniqueId="Ne2x1edLR6RYeu40xIcM0gfe0VVsc9hgeJfF9mKEV1kdYgYk+GFGCjnlsm2ZkHwTU2bLZpw0oUDKV4uw6RdSzA=="
C# sample for ConnectionString
UniqueID + DTValue + FINumber + SharedSecret
Example: Ne2x1edLR6RYeu40xIcM0gfe0VVsc9hgeJfF9mKEV1kdYgYk+GFGCjnlsm2ZkHwTU2bLZpw0oUDKV4uw6RdSzA==110224204159111184f6abad-1835-44fe-890c-5d5ebc398b9e

```csharp
// UniqueID, DTValue, FINumber and SharedSecret concatenated with no separator.
string stringToHash =
    "Ne2x1edLR6RYeu40xIcM0gfe0VVsc9hgeJfF9mKEV1kdYgYk+GFGCjnlsm2ZkHwTU2bLZpw0oUDKV4uw6RdSzA=="
    + "110224204159" + "1111" + "84f6abad-1835-44fe-890c-5d5ebc398b9e";

static String ConnectionString(string stringToHash)
{
    // Same transform as UniqueId: SHA-512, Base64, then HTML-encode.
    using (var sha512 = System.Security.Cryptography.SHA512.Create())
    {
        var bytes = System.Text.Encoding.UTF8.GetBytes(stringToHash);
        var hash = sha512.ComputeHash(bytes);
        var base64Hash = Convert.ToBase64String(hash);
        return System.Net.WebUtility.HtmlEncode(base64Hash);
    }
}
```

ConnectionString="V7Nsad8NhuAsF032JCeLrvaos1pVbhLyAskakWdkXw+l5blV+3KNyA8koZp6VpznDQ2XQ6BD095Tv8oTBnqPTQ=="
Error Messages
The following error messages can be returned in the URL based on the request condition:
| Error Code | Description |
|---|---|
| RemitWeb SSO Error 0 | Wrong DateTimeFormat24. It should be yyMMddHHmmss |
| RemitWeb SSO Error 1 | SSO is not enabled in the config |
| RemitWeb SSO Error 2 | FI_Number is not available from SSOHandOff page |
| RemitWeb SSO Error 3 | FI_Number is not found in SSOVendor table |
| RemitWeb SSO Error 4 | SSO is not enabled in SSOVendor settings. |
| RemitWeb SSO Error 5 | Failed to verify DateTime. |
| RemitWeb SSO Error 6 | Failed to verify Connectionstrings. |
| RemitWeb SSO Error 7 | UniqueID not found in SSOUnique table. |
| RemitWeb SSO Error 8 | Company details not found in WebCompany table. |
| RemitWeb SSO Error 9 | SSO details not found or doesn’t match in WebCompany table. |
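
A sketch of both ends of the handoff described on this page, added here as an example and not RemitPlus or Jack Henry code: `Build` derives the three computed fields, and `Verify` shows how a receiver could check them, returning error codes 0, 5 and 6 from the table above. The class and method names, the -1 success value, the symmetric treatment of the timeout window and the constant-time comparison are assumptions.

```csharp
using System;
using System.Globalization;
using System.Security.Cryptography;
using System.Text;

static class SsoHandoffExample
{
    const string Fmt = "yyMMddHHmmss"; // DTValue24 format from the table above

    // Base64(SHA-512(UTF-8 bytes)); Base64 has no HTML-special characters to encode.
    static string Hash(string s)
    {
        using var sha512 = SHA512.Create();
        return Convert.ToBase64String(sha512.ComputeHash(Encoding.UTF8.GetBytes(s)));
    }

    // Sender: derive UniqueID, DTValue and ConnectionString for one handoff.
    public static (string UniqueId, string DtValue, string Conn) Build(string provider,
        string companyId, string userId, string fiNumber, string secret, DateTime utcNow)
    {
        string uid = Hash($"{provider}|{companyId}|{userId}");
        string dt = utcNow.ToString(Fmt, CultureInfo.InvariantCulture);
        return (uid, dt, Hash(uid + dt + fiNumber + secret));
    }

    // Receiver (assumed logic): -1 on success, otherwise an error code from the table.
    public static int Verify(string uid, string dt, string conn, string fiNumber,
        string secret, DateTime utcNow, TimeSpan window)
    {
        if (!DateTime.TryParseExact(dt, Fmt, CultureInfo.InvariantCulture,
                DateTimeStyles.AssumeUniversal | DateTimeStyles.AdjustToUniversal, out var sent))
            return 0;                                   // wrong DateTimeFormat24
        if ((utcNow - sent).Duration() > window)
            return 5;                                   // outside the timeout window
        byte[] expected = Encoding.UTF8.GetBytes(Hash(uid + dt + fiNumber + secret));
        byte[] supplied = Encoding.UTF8.GetBytes(conn ?? "");
        return CryptographicOperations.FixedTimeEquals(expected, supplied) ? -1 : 6;
    }

    static void Main()
    {
        var now = DateTime.UtcNow;
        var window = TimeSpan.FromMinutes(10);          // the page's default timeout
        const string fi = "1111", secret = "84f6abad-1835-44fe-890c-5d5ebc398b9e";
        var h = Build("SSOTest123", "12345", "ssouser", fi, secret, now);
        Console.WriteLine(Verify(h.UniqueId, h.DtValue, h.Conn, fi, secret, now, window));
        Console.WriteLine(Verify(h.UniqueId, h.DtValue, h.Conn, "2222", secret, now, window));
        Console.WriteLine(Verify(h.UniqueId, h.DtValue, h.Conn, fi, secret, now.AddMinutes(11), window));
        Console.WriteLine(Verify(h.UniqueId, "2011-02-24", h.Conn, fi, secret, now, window));
    }
}
```

In this sketch a captured set of parameters verifies again until the window lapses; whether RemitWeb also rejects repeated values is not stated on the page.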