Requests should use the host https://api.codeguard.com/. All unauthenticated requests will be redirected to https. The request should meet the following requirements:
application/json. Other media types may be rejected.
Just about any OAuth-signed URL can be used for SSO if it's opened in a browser. For API requests, you send a 'Content-Type: application/json' header and we return JSON. If you use that same link in a browser, our app will create a user session and load the corresponding page.
For SSO, we generally advise creating an OAuth-signed link to "https://www.codeguard.com/websites" and making that the target of a 'Manage Backups' or 'Open CodeGuard Dashboard'-type link or button. The /websites path is the default location when customers log in with a username and password and we show an overview of all of their backups.