Versions Compared

Version Old Version 6 New Version Current
Changes made by

proaxia

proaxia

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The sign-in page handles the first two authentication types.

image-20240202-100926.png

Basic authentication.

Account creation.

Customers can create accounts using an email address. On the Sign in page there is a link to the Sign up form.

Info

Please note that the users are always created with a role that’s marked as default.

See VSS->Service-> Service Resource Scheduling->Customer Portal->General Settings->Maintain user roles IMG node.

image-20240202-101041.pngimage-20240202-104425.png

After a successful registration, a confirmation email is sent to the provided email address. The email contains an activation link. Once the link is used, the account is activated and ready to use.

...

Password reset.

User can request a password reset on the sign-in page using the “Forgot?” link. An email will be sent to the provided address with a reset link.

...

After using the reset link, user can set up a new password.

...

Password requirements.

The password requirements can be set up using the VSS->Service-> Service Resource Scheduling->Customer Portal->Authentication->Set Password Requirements IMG node.

If not specified, the default requirement is :8 characters or more, 1 Uppercase, 1 Lowercase, 1 digit, 1 special.

...

Automatic linking of user's profile with a Business Partner number.

At every sign-in to the application, the user's profile is verified. If no assignment to a business partner is defined, the system searches for a BP with a suitable email address. If it finds exactly one and it is not yet linked to another user, the user profile is linked to the BP.

Info

For existing customers It’s enough to update their business partner’s email address to provision their portal user. After the customer registers with the given email address all their orders and vehicles will be visible in the application.

Single-Sign-On with OpenID Connect.

The Customer Portal offers single-sign-on with OpenID Connect using Authorization Code Flow. It’s possible to use multiple identity providers at the same time.

...

The table is set up in the VSS->Service-> Service Resource Scheduling->Customer Portal->Authentication->Maintain OpenID Identity Providers Configuration IMG node.

...

Info

Please note that identity providers need to be set up separately on every system.

Access with resource token.

Customers without an account can perform all actions on their service orders and appointments by using links from received order processing notifications (email, SMS, ...). The notifications are sent from the VSSCommunication Framework in response to various events. The links in the notifications contain resource tokens that allow interaction with a single order or appointment.  

Protecting the application with reCaptcha V3.

The application and the underlying REST services can be enabled to use reCaptcha V3 as way to protect from spam and abuse.

For reCaptcha to work it’s required that the default user role requires reCaptcha verification. This setting can be made in the VSS->Service-> Service Resource Scheduling->Customer Portal->General Settings->Maintain user roles IMG node.

...

Additionally, it’s required to provide secret key and site key in the VSS->Service-> Service Resource Scheduling->Customer Portal->General Settings->Mainatin Customer Portal Parameters IMG node.

Parameter name

Meaning

RECAPTCHA3_SECR_KEY

reCaptcha Secret Key

RECAPTCHA3_SITE_KEY

reCaptcha Site Key - Google

...