Comment on page
vLex offer a wide range of options for signing in to suit all organisations.
This is the best option to grant easy access to academic, government, or corporate accounts. Users can gain access from anywhere, without needing individual login details, while retaining all the features of a personal, secure account. When someone uses this method to log into vLex, the service automatically creates a new personal corporate account when they sign in.
For admin users, SSO provides useful statistics, such as the number of users accessing vLex and the frequency of their individual sessions.
The vLex SSO protocol is the easiest way to provide an SSO experience. Your IT team will install a code page in a private area of your website, and users who go to that page will be redirected to vLex, where they will be automatically authenticated.
The Authentication token is private. Do not give any third parties access to this information.
When you have this information, create a page on your private server that can verify a user, before redirecting them to the authenticated link.
If you wish to program the page from scratch, the URL link should be:
This link should have the following GET parameters:
- name: the user’s name (John Smith)
- timestamp: the time that the link is generated, represented as seconds from the Epoch (1049896564)
- account_id: your account ID, this data appears when activating account integration.
- hash: the value that is used to validate the rest of the fields, it is computed as: hexdigest(MD5(name+email+account_id+token+timestamp))
The hash must be encrypted with the parameters indicated above, which will never be the same as it includes the timestamp. The + symbol represents a concatenation of sets of strings. When computing the hash, the order of the fields is relevant.
While vLex supports IP Access (including access by proxy), our recommendation is to implement access by SSO.
When your users are logged into the network of your organisation, they can have access to vLex without signing in to their personal accounts, albeit losing some functionality.
You can provide your users with the same functionality they get with IP Access when they are not logged in to your network. To do this, you must enable a HTTP proxy. The supported proxy implementations are EZProxy and WAM proxy.
Once we complete the implementation, we will provide you with the URL address that you must use to access the service.