Registering a new service
SSO needs to know some information about each application before it will allow you to use it for signing in. As SSOv3 requires a secure connection, you will also need an SSL certificate so you can specify here if you need one.
Using a shared IP address
Up until recently we couldn't allow applications running on a shared machine with the same IP, because we couldn't allow access to the application without also giving other users of the server access to Websignon's API. Now it is possible using an API key. If your application is on a shared machine, let us know and we will give you an API key which is simply a string of characters. All your application then has to do is make sure it sends an extra parameter to websignon whenever it accesses https://websignon.warwick.ac.uk/origin/sentry: wsos_api_key=YOUR-API-KEY-HERE.
If you're on a shared server but have your own dedicated IP address, then an API key isn't necessary. Similarly, if you have multiple apps on the same IP address this also isn't a problem - it's only when it's shared with unknown other people.
It's important that you keep this key secret, especially where it is stored in your application. The file it's stored in should have the appropriate permissions set on it so that it is not readable by any other users.
If you are using the SSO Client library for Java, you can put the value in the system property userlookup.ssos.apiKey and it will add the parameter for you. However, it's more likely that an app on a shared server such as crocus won't be able to run Java servlets, so you will probably be adding the parameter yourself.