Clarizen's SSO support is mostly about using some identity provider's credentials to enter Clarizen's UI without logging in.
It's not exactly about sharing Clarizen credentials with API applications. SSO is achieved with SAML 2 protocol, which fits browser applications, not server side.
However, I think you can go around it in one of 2 ways.
- A custom action (or other business rules) can issue an Outbound Call providing a session id for the API. A custom action can be accessed directly (you can find the custom action URL with the GetCustomActionUrl function). Your web application can access the custom action URL via the browser (login should be automatic if you use federated authentication). The custom action, in turn calls your web server with an api session. This requires you web server is accessible for such call.
- Clarizen does support OUath providing. OAuth protocol allows acquiring of a token (per user) which can be used to get API access directly, with a one time user approval. However, registering new applications for OAuth is not provided. Contact your Clarizen customer success manager if you want to go this way.
Hope this helps,