3 months ago

3 months ago

Bluetrait Documentation

60

External Authentication

External Authentication

Bluetrait allows you to authenticate users against an external system or database.

For example if you have an existing phpBB forum installed you can allow users of this forum to login to Bluetrait without signing up an account. This also means that the user can always use the same password on Bluetrait as on the external system.

This system works by installing a small piece of code on your external system that Bluetrait will lookup whenever a user logs in.

Bluetrait uses a combination of HTTP(s), JSON, Rijndael 256 and base64 encoding to transmit and receive requests.

For added security it is recommended that your external application use SSL.

How it works

  1. User visits your Bluetrait site.
  2. User types in their existing username & password from your external system.
  3. Bluetrait in the background submits an HTTP request to your nominated URL (that contains the authentication code).
  4. Your external system replies with a success or failure message.
  5. If it is a success Bluetrait will automatically create a new user account and log the user in.
  6. If it is a failure Bluetrait will display a login failed message.

Bluetrait sends the following HTTP post array:

Array ( [data] => { "username":"johnsmith", "password":"1234", "task":"authenticate", "api_version":1, "program_version":"4.1", "program_name":"dalegroup.tickets" } [site_id] => 1 )

The data array is encoded using base64 and then encrypted using Rijndael 256.

The Site ID value is posted without any encoding or encryption, allowing you to have different Bluetrait sites authenticating to a single URL.

As the data array is encrypted you must have the encryption key on both the Bluetrait site and your site match.

Bluetrait expects to receive the following response:

Array ( [success] => 1 [name] => "John Smith" [email] => "john@example.com" )

OR

Array ( [success] => 0)

Again this array is encoded using base64 and then encrypted using Rijndael 256.

You can download a copy of the phpBB auth server (and more examples) from the downloads page in your Bluetrait Account.