In a multi-site setup, authentication cookies are issued per Documentation Site. This means users must log in separately for each separate site they access.
- How Authentication Works Per User Type
- SSO in a Multi-Site Setup
- Edge Case: Contributor Accessing a Non-Default Site
How Authentication Works Per User Type
There are two user types in ClickHelp: Contributors and Power Readers.
- Contributors are always redirected to the default site after login, so in practice, they can be authenticated only to the default site. They cannot work in non-default sites directly. See what happens when a Contributor logs in to a non-default site here.
- Power Readers must authenticate per site. A reader logged in to Site A will need to log in again when navigating to Site B, Site C, etc. Unlike Contributors, they can be logged in to several sites simultaneously.
Login Tokens also authenticate into one specific site at a time.
SSO in a Multi-Site Setup
SSO follows the same per-site logic — authentication is tied to a specific site — and in general, works the same as for a portal without additional sites. Refer to this section for the details: Single Sign-On (SSO).
To use SSO across multiple sites, you will need to configure the appropriate domains and redirect URLs on your identity provider's side. Refer to your identity provider's documentation for details.
Edge Case: Contributor Accessing a Non-Default Site
For Contributors, it is recommended to always access the portal via the default site and work from there.
If a contributor navigates to a non-default site (Site B) while not yet logged in, the following happens:
- After logging in, they are redirected to the default site.
- They need to log in to the default site again.
- After logging in to the default site, if they navigate back to Site B and try logging in there, they will be automatically logged out of the default site and need to log in again.