Under API, you can enter a private key to allow an external system such as websites and online applications to automatically log in website users who are already logged in to your website.
When you allow single sign-on in the API for Blackbaud NetCommunity and an external system, the private key allows the external system to decrypt user IDs that are accessed through the GetUserID.ashx endpoint in the API. To determine user IDs, the external system accesses the endpoint with a return URL in the query string. The endpoint redirects website users to the return URL and uses several query string parameters to securely determine user IDs.
When you integrate your website with another site, it can use the private key so that users who are logged in to your site do not need to enter different logins when they access the external site through links on your Blackbaud NetCommunity site. Users can click unique links from a Blackbaud NetCommunity page to access secured non-Blackbaud NetCommunity pages without entering user name and password information for the non-Blackbaud NetCommunity pages.