Custom authentication can authenticate users by passing information within an HTTP request as:
- Headers
- Cookies
- URL parameters
For example, a user's email and a hashed password may be passed as URL parameters (Note: We don't recommend using URL parameters to pass user credentials):
https://example.com/apps/logon.eb?email=example@example.com&hash=5f4dcc3b5aa765d61d8327deb882cf99
To use custom authentication, enable the Use Custom Authentication option in the User Authentication section of the Server Admin App. First select the Logon Service to use and then specify which parameters will be passed to it. At least one parameter must be specified, although more are often useful.
The source and value of the first parameter are mapped to the PARAM1_SOURCE and PARAM1_VALUE fields of the Logon Service respectively. The source and value of the second and third parameters also have corresponding fields.
For example, to extract the email and hash values from the URL given above, the following settings would be used:
The following code snippet shows how to handle URL parameters in the Integration Event script of a Logon Service:
if (fields.PARAM1_SOURCE.value == "URL" && fields.PARAM2_SOURCE.value == "URL"){
var email = fields.PARAM1_VALUE.value;
var passwordHash = fields.PARAM2_VALUE.value;
}