Integration of internal API for user verification and Validation

Hello all,

I am a little stuck, and I am sorry but I cant seem to get anyone to respond as I am sure everyone is distracted by the holidays. I read through a Facebook auth tutorial and I see there are some similarities to what I need to accomplish but I feel I just do not know the correct workflow.

What I am attempting to do is to use our inHouse user creation and validation API to create users and log users in. It is a simple API call;

userlogin - get
user - user
pwdhash - password
key - string key - header

createuser - post
user - user
pwdhash - password
useremail - users email
key - string key - header

I have used an APIform and have successfully verified and created a user. Once either a user is created or verified, our internal system responds with a unique identifyer key. I need to retrieve that key and use that key to allow access to certain parts of the application. Different level users have keys associated with their access level.

How do I go about setting this up and then redirecting the user to their assigned dashboard?

Second issue, when I assign the API form to a new page.ejs and I try to test the form in browser a page can not be located error happens.

Here is a great getting started tutorial that includes auth, identity, validation etc. https://www.youtube.com/playlist?list=PLUjqTJN3byC9W9UFjsV9f9vefe_ZSFQfb

I viewed through this. I didnt see any auth using API’s. Did you ?

In my scenario, the registration API has two additional steps of validation against a provisioning table and our CRM API, checking if the user’s email address exists in both. The first API call to the CRM looks for the user’s email address.

image696×510 26.9 KB

Disclaimer: I’m not very familiar with the front-end

Great, perhaps you’d like to store this key in a cookie or HTML5 local storage. Consider using the following component:

Session Storage Manager836×318 21.5 KB

The goal would be, after API form success (“Dynamic Events” option), set a variable “key” in session with the value of what you got answered in the API form.

You mean you need to perform API requests with this key? Have you tried using the query parameters option in API Form?

In “Value” you’d grab the “key” variable from your Session Storage Manager

A similar scenario would happen for “API Action” instead of “API Form”, you have these options:

Edit: To setup redirects, add a Browser component to your page, and then on API Form success (“Dynamic Events”) you can redirect the user using the browser component

Edit 2: I see your “key” is meant to be sent as an header, so in that case you wouldn’t use “Input Data” nor “Query Parameters”, but the “API Headers” option

@Brandl thanks for the above.

would you mind elaborating a little on the process. I see a few execute actions. What you are doing validating users and companies is exactly what I am looking to do. It also looks like you have a database setup. is that for storing the user information and calling on it for security purposes?

this is great as well @Apple. Thanks for this. I might hit you up with questions.

@Apple the key was not initially meant to be a header. However the documentation my team read stated that the header was necessary. Is that not correct?

If it’s correct or not depends on the implementation of your back-end. If the documentation says to use a header, then use a header

@Brandl how did you configure each of the API Actions?

Its our own authentication. We switched it internally. I have a crazy good backend guy retired Bearsterns. Just wondering if it is necessary or not

Well, it makes sense to be a header, like a Bearer token or HTTP basic auth