It's important to know who is giving you feedback. Are they a paying customer, a lead, or just some random person on the internet? This information helps you prioritize accordingly.

That's why Canny has its own user accounts. If a user isn't identified in your application, we'll ask them to sign up for a Canny account.

However, you might want to disable this functionality to force Canny to always use your own user accounts. It's slightly more work, but can provide better context to your team and a better experience to your users.

Prerequisites

Instructions

Instead of asking users to sign up for a Canny account, we'll send them to your website to log in to your application. After doing so, send a request to your server to generate a single sign-on token for them, and then redirect them back to Canny.

  1. Make a login redirect page on your website
    This could be your normal login page, or a custom single sign-on page. This is the page we will send your users to to log in.
  2. Add a form to let the user log in to their account
    If the user is already logged in, you can skip this step.
  3. Send a request to your server to generate a single sign-on token
    Once the user is logged in, fetch an SSO token to authenticate them in Canny.
  4. Redirect them back to Canny
    When we send users to your website, we'll include a redirect query parameter. This tells you where to send users after they've been logged in.

After building this page, add its URL in your admin settings. Use our tool to test that the redirect works, and then push it live to your users.

Snippet

The following JavaScript snippet will achieve steps 3 and 4. You will have to write the part that requests the single sign-on token from your server.

function getQueryParameterByName(name) {
  var pairStrings = window.location.search.slice(1).split('&');
  var pairs = pairStrings.map(function(pair) {
    return pair.split('=');
  });
  return pairs.reduce(function(value, pair) {
    if (value) return value;
    return pair[0] === name ? decodeURIComponent(pair[1]) : null;
  }, null);
}

function getRedirectURL(ssoToken) {
  var redirectURL = getQueryParameterByName('redirect');
  if (redirectURL.indexOf('?') === -1) {
    return redirectURL + '?ssoToken=' + ssoToken;
  } else {
    return redirectURL + '&ssoToken=' + ssoToken;
  }
}

var redirectURL = getRedirectURL(ssoToken);
window.location.assign(redirectURL);

If you have any questions or issues while setting this up, don't hesitate to reach out.

Did this answer your question?