Developer Instructions

Add the following JavaScript snippet in header/footer. This code will add “iframe.js” file from Online Review Manager website to your website.

function(d, s, id) {
    var js, fjs = d.getElementsByTagName(s)[0];
    if (d.getElementById(id)) return;
    js = d.createElement(s); = id;
    js.src = "//";
    fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'sso-jssdk');

In the location you want to render the iframe, add a div with the following attributes:

  • id="sso_login"
  • data-key="login-hash" - used to authenticate the user
  • data-width="1000px" - defines the width of the iframe
  • data-height="1000px" - defines the height of the iframe

Eg: <div id="sso_login" data-key="{your-login-hash}" data-width="1000px" data-height="1000px" id= "sso_login"></div>

Building Your Login Hash

The build the login hash, you need to hash (sha256) the user's email address and join it to your ORM AppId.

Your ORM AppId can be obtained by visiting the ORM portal and going to your agency's settings page. The ORM AppId is a 64 character string

Eg: data-key="f3273dd18d95bc19d51d3e6356e4a679e6f13824497272a270e7bb540b0abb9d-91eebb3af09ae11a9f0f71ce0016a1165d466ba09ac254d17006a47df5440f6c"

Note: The 2 fields are joined with a hyphen ("-")

Additional Setup

Before the SSO iframe will render correctly, you need to ensure that the hosting domain and/or IP Address(es) are configured in the ORM platform.

The hosting domain should be specified under White Label Options in your agency settings. ORM allows only for a single domain.

The hosting IP address should be specified under API Options in your agency settings. Multiple IP addresses can be provided, seperated by a comma.

Note: When doing local testing, the IP address that should be added in the ORM Portal is your local private IP, not


Note: SSO requires users' browsers to have cookies enabled.