Custom Authentication Interface
Purpose - To provide the Publisher with an option to authenticate readers against a URL while still using the standard login page.
1. The URL will need to be set up by the Publisher prior to implementation.
2. A login only subscription entry in the dashboard will need to be set up prior to use.
1. Navigate to the login only subscription. Select the 'Custom Authentication Interface' option under 'Data Source' within the subscription.
2. Select the 'Settings' button next to the drop down option.
3. Enter in the appropriate information and save the entry afterwards.
1. URL - A single page created for user authentication. This is created by the Publisher, or a third party, to query the Publisher database. Since we will be posting authentication information, https:// is recommended, but not required.
2. Login Success Text - Text that must match the success response from the URL.
3. Username/Password field name - Name of the fields that must match the field names created on the URL. The field names are not limited to 'Username/Password'. These may be customized to meet the needs of the Publisher, such as Email/Zip Code.
4. Exact Match - This option will check to make sure the success message is an exact match. The option is disabled by default.
Note: If exact match is enabled, this will accept an optional date range in addition to the success message.
If only one date is passed, it will be considered the user's expiration date.
- For example: "$successMsg:2017-01-01
The reader would expire on 01/01/2017.
If a start date is passed, it will also require an end date to be passed as well
- For example: "$successMsg:2018-12-31:2017-01-01"
The reader's start date would be 01/01/2017 and expire on 12/31/18
4. The Publisher may test successful authentication by selecting 'Test' before saving.
5. Fill in the Username and Password, and click 'OK'.
6. The end-user experience will consist of the following:
1. The reader will meet the default login page.
2. They will enter credentials/values that will authenticate against the URL supplied by the Publisher.
3. We will execute a multipart/form-data POST of the form values against that URL.
4. If the values successfully authenticate, then the reader will be granted access. If the values do not, then the reader will be denied access.