Versions Compared

Old Version 17

changes.mady.by.user Rich Walker

Saved on

compared with

New Version 18

changes.mady.by.user Gonzalo Luna

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Background

This SSO service is designed for a user to be set up on a customer's existing Quik! account, with automatic user registration if the user does not exist. 

...

SAML Project Details

Endpoint

SAML Metadata describes the Quik SAML Service provider metadata

https://websvcs.quikforms.com/rest/quiksaml/v1000/quiksaml/metadata

The following production endpoint is to be used for all production SAML requests:

https://websvcs.quikforms.com/RESTrest/QuikSAMLquiksaml/v1000/QuikSAMLquiksaml/SAMLSSOsamlsso


The following UAT pre-production endpoint can be used for testing prior to implementing in a production environment:

https://uatwebsvcs.quikforms.com/RESTrest/QuikSAMLquiksaml/v1000/QuikSAMLquiksaml/SAMLSSO  samlsso

Attributes

The table below lists all possible attributes that can be included in a Quik! SAML request (SAML Assertation XML). Yellow rows represent future attributes that do not yet exist, but are in the Quik! development roadmap.

CategoryNameDescriptionData TypeRequired?
Application DataApplicationIDThe Application ID at Quik!
ALL CUSTOMERS MUST USE VALUE "36" FOR ApplicationID		stringYES
Application DataAudienceRestrictionValue that specifies who the assertion is for
ALL CUSTOMERS MUST USE VALUE "ServiceProvider" FOR AudienceRestriction		stringYES
Quik! Account DataCustomerIDQuik! CustomerID assigned to the customer's accountstringYES
Quik! Account DataCustomerUserID Customer's unique UserID from their internal system of recordstringYES
Application ControlTimeoutRedirectURLA URL to send the user to when their logged in session expires or is logged outstringYES
Quik! Account DataUserFirstName User's first namestringYES
Quik! Account DataUserLastName User's last namestringYES
Quik! Account DataUserEmail User's email addressstringYES
Quik! Account DataUsername User's username - if not provided, Quik! will generate a Username for the userstringNO
Quik! Account DataPassword If provided, user's password will be hashed and stored stringNO
Quik! Account DataCustomerUserType Type of user being logged in (e.g Advisor, HomeOffice, etc.)stringNO
Application DataBrokerDealerID The Broker/Dealer's internal ID used with API calls or e-signstringNO
Application DataCustomerClientId The ClientID to assign to Owner1 rolestringNO
Application DataCustomerAccountId The account ID to assign to Account 1 rolestringNO
Application DataFormIDList List of FormIDs to add to the shopping cartcsvNO
Application DataClientIDList List of Client IDs to lookup from the connected CRMcsvNO
Application DataRepIDListList of Client IDs to lookup sales rep records from the connected CRMcsvNO
Application DataRep1RecordID The record ID to assign to Rep 1 rolestringNO
Application DataRepNumberList List of rep numbers to show in the launch screen of the Quik! AppcsvNO
Application Data

Transactions

List of transaction data objects like a tradeblotter, orders, etc. Must contain a root object called “transactions” which will store an array of objects with the following attributes:

  1. id: the Transaction ID (string)

  2. typeId: the Transaction Type (int): TradeBlotter=1


Example:

{
  "transactions": [
    {
      "id": "a1H0S0000012ZeKUAU",
      "typeId": 1
    }
  ]
}



json stringNO
Application Data{Quik! Field Name} and {Value}Any Quik! full field name and value to prefill onto the formstringNO
E-Sign Meta DataClientCode The user's client IDstringNO
E-Sign Meta DataAccountCode The customer's account IDstringNO
E-Sign Meta DataRepCode The customer's sales rep IDstringNO
E-Sign Meta DataFirmCode The customer's firm (broker/dealer ID)stringNO
E-Sign Meta DataClientTransNumber The customer's transaction number (numeric integer values only)numberNO
E-Sign Meta DataClientTransNumber2 The customer's transaction number (numeric integer values only) - number 2numberNO
E-Sign Meta DataClientTransNumber3 The customer's transaction number (numeric integer values only) - number 3numberNO
E-Sign Meta DataClientTransNumber4 The customer's transaction number (numeric integer values only) - number 4numberNO
E-Sign Meta DataClientTransCode The customer's transaction codestringNO
E-Sign Meta DataClientTransCodeType The description if any of the ClientTransCode so customer knows what the data representsstringNO
E-Sign Meta DataClientTransCode2 The customer's transaction code - number 2stringNO
E-Sign Meta DataClientTransCode2Type The description if any of the ClientTransCode2 so the customer knows what the data representsstringNO
E-Sign Meta DataClientTransCode3 The customer's transaction code - number 3stringNO
E-Sign Meta DataClientTransCode3Type The description if any of the ClientTransCode3 so the customer knows what the data representsstringNO
E-Sign Meta DataClientTransCode4 The customer's transaction code - number 4stringNO
E-Sign Meta DataClientTransCode4Type The description if any of the ClientTransCode4 so the customer knows what the data representsstringNO
E-Sign Meta DataClientTransMetaData Any extra text the customer wants to pass through the meta data service (up to 8000 characters)stringNO
Application ControlEnableESignTurns on or off the e-sign feature for the logged in session of the Quik! AppbooleanNO
Application ControlEnableClientSearchFlag to hide/disable the client search page in the Quik! AppbooleanNO
QFE PropertiesLockPrefilledFields If TRUE, sets the prefilled fields as read-only on the formbooleanNO
QFE PropertiesESignCallbackURL Sets the value of the e-sign Callback URLstringNO
QFE PropertiesSubmitFormOn If TRUE, shows the Submit button in the Quik! Form ViewerbooleanNO
QFE PropertiesSubmitURL Sets the value of the Submit button URL (location where submitted form data will be sent)stringNO
Application ControlAfterLoginDisplayPageThe first view to display after SSO login (e.g. Home, Forms, Clients, Launch, FormViewer)stringNO
Application ControlDatabaseConnectionID Quik! QDBC Connection ID to use when requesting client records, if none then whatever connection exists on the account is usedstringNO
Application ControlLockAssignedRoles Flag to allow user to change pre-assigned rolesbooleanNO
Application ControlLockRepChoiceFlag to disable/enable the rep drop-down in the Launch pagebooleanNO
Application ControlESignConnectionNameDetermines which e-sign connection user can access by passing the ESign connection namestringNO
Application ControlLockESignChoiceFlag to disable/enable e-sign drop-down in the Launch pagebooleanNO
QFE PropertiesLockAllFields If TRUE, sets all fields as read-only on the formbooleanNO
Application DataFormGroupIDList List of FormGroupIDs to get the related forms to add to the shopping cartcsvNO

...

  1. Before you begin, make sure your organization has an active Quik! App account
  2. Contact the Quik! team (support@quikforms.com) or your Quik! sales contact and provide the following information:
    1. Your Quik! Customer ID (ask Quik! if you do not know your customer ID)
    2. Your public X.509 Cerificate. This maps to our CertificateBase64 attribute.
    3. Your EntityID aka Audience URI value which must be a unique identifier. This maps to our Name attribute.
  3. The Quik! team will enable your account for SSO (this can be done same-day)
  4. You must build infrastructure and UI elements in your environment that support some sort of "Send to Quik!" button for users to enter the Quik! App with a SAML request. See the SAML Project Details above for more information on which data points to send to Quik! in the SSO event. 
  5. Quik! recommends that you test your SSO implementation with the pre-production SAML endpoint referenced above.
  6. Once testing is complete, you can use the production SAML endpoint referenced above and begin the SSO process for users in your production environment.

...