REST API Authentication Session Management

REST API Authentication Session Management

Hi,

Does anyone know if it is possible to manage your own user sessions by authenticating through a 3rd party REST API? We've got an ordering app that we want our clients to log into, however the only authentication option for the customer portal is SAML, which we don't support. We have our own REST API which can authenticate the user, but we can't see a way to manage the user session in Zoho Creator so that they remain logged in whilst in the app.

Here's the flow we want:
  1. User accesses the "Login" form and enters their username and password for our system.
  2. On Submit workflow runs "invoke url" Deluge script to make a call to our REST API using HTTP Basic Auth.
  3. On success, our API returns a token which we want to store in the user's session and use for further authentication.
The only we can see this working now is if it is behind the regular customer portal Zoho login system, which is not a good user experience. Is there a way to do this without using Zoho's login as well?

Thanks,
Harry