The Ultimaker Account provides Single Sign-On (SSO). This means that users only have to sign in once, and their session in the authentication portal is remembered when signing in from other applications that make use of the Ultimaker Account. Applications do not need to implement anything besides the OAuth2 flow to make use of this functionality.
Sometimes you want the user to sign off completely and destroy the global SSO session. To do this you can redirect to the following URL:
Without extra query parameters, this will redirect back to the login page by default.
If you want to redirect back to your own application (for example if it is partly usuable without signing in), you can append the query parameteter
next to the logout URL:
Note that the
next parameter should be URL encoded as some browser do not handle URL schemes in query parameters well.
The Ultimaker Account does not support Single Sign-Off. This means that only the session in the current application and the global one on account.ultimker.com are destroyed when following this flow, but not the active sessions in other applications that use the Ultimaker Account.
As an extension of SSO, Ultimaker can help you configure your company's own identity provider (like Microsoft Azure Active Directory) to connect to the Ultimaker Account. Your employees would no longer need a separate Ultimaker Account, but can just sign in with their existing enterprise account. Please contact Ultimaker Support to get more information about this option.
Federated Single Sign-On is only available for customers with an Ultimaker Excellence subscription.