Skip to main content

How does it work?

Overview

This document provides information about How does it work?.

Auth Referrer allows you to automatically authenticate your users using a link.

Admin Role Limitation – click to expand
caution

Authentication methods based on IP, URL referrer, LTI or SAML are designed for end-user access only.
When the identifier corresponds to an administrator account, the platform intentionally starts the session with regular user permissions to prevent privilege escalation.

Administrators who need to access the Control Panel must:

  1. Set a password to their account.
  2. Log out of the current integration-based session.
  3. Log back in using email + password to regain full administrator privileges.

How to configure it?

In the store:

  1. Go to Control Panel > User
  2. Create a new user or select an existing one
  3. Set the URL or URLs using the option Assing URL referrers in the dropdown menu.

assign-ip

note

The referrer is the URL where a user come from. Example. When you press a button in https://google.com to https://app.publica.la, the app understand that user come from https://google.com

tip

Also the referrer can be more specific, ex. https://google.com/some-path/classroom

caution

You need to take account new changes in Chrome related Referrer Policy

In the third party end:

  1. Create a button or Hyperlink
  2. Set a route https://your-store.com/auth/referrer like link in the button
<a href="https://your-store.com/auth/referrer">Login User</a>
<button type="button" onclick="loginUser()">Login User</button>

<script>
function loginUser() {
    return window.location.href = 'https://your-store.com/auth/referrer';
}
</script>
  1. In case you need to redirect users to a specific URL inside store such as the publication page or a specific filter you may add the intended_url parameter to your URL.
<a href="https://your-store.com/auth/referrer?intended_url=https://your-store.com/reader/publication-name">Login User</a>
<button type="button" onclick="loginUser()">Login User</button>

<script>
function loginUser() {
    return window.location.href = 'https://your-store.com/auth/referrer?intended_url=https://your-store.com/reader/publication-name';
}
</script>

Troubleshooting

If something is misconfigured users will be directed to the login form instead of bing automatically logged in. You can add to url query ?debug=true to know IP where come from these user.

https://your-store.com/auth/ip?debug=true

When you use this URL you should see the follow screen show with date to know if the user are configured with correct IPs.

assign-ip

X

Graph View