The Glance Login Key is a time-limited token issued by a partner or customer, used to authenticate a user to various Glance services.
The Login Key is passed on https: or glance: URLs in one of the following ways:
Appended to the username—for example, fred.glance.net (a Glance Address) after a tilde:
Passed along with Partner ID and Partner User ID parameters, typically:
A Glance user is uniquely identified by either a username or a Partner ID/Partner User ID pair.
Features of the Login Key
- Uses current best practice SHA-2 family of hashes.
- Expiration period selectable by the customer.
- Includes algorithm versioning to allow future changes with backward compatibility.
Login Key Format
The Login Key format is identified by a leading dollar sign. (This distinguishes it from the previous format login key.)
Login Key Components:
[ver] Must be 1 for this version of the key algorithm.
[expirationtime] The Unix (POSIX) epoch time. The number of seconds decimal since 00:00:00 UTC Jan 1 1970.
There is also a maximum time in the future for a valid expiration time (currently set to one day) to protect against possible accidentally generated keys with extended expiration times.
HMAC_SHA256: takes (secret key, message) arguments and generates a hash-based message authentication code.
NOTE: SHA-256is the 256 bit variant of SHA-2.The second (message) argument is the string concatenation of the four values. The HMAC must then be encoded as Base64URL (RFC 4648) without any trailing padding ("=") characters.
The resulting Login Key is 57 characters long.
Integrating Cobrowse and Screen Share
Use this section to generate a Login Key for Single Sign-on when using Glance Cobrowse and Screen Share. This section also includes information on Login Key features and format, usage examples, and security considerations.
See the Cobrowse and Screen Share pages for information on those specific products.