Configuring 3rd party authentication
Altogic allows your application users to authenticate to your application using third-party providers such as Google, Apple, Facebook, and Twitter. Currently, Altogic supports the following providers for authentication:
The general flow of authentication using third-party providers stats with configuring the client id and client secret of the provider in Altogic. To create the client id and client secret you need to create an account in the provider's developer/cloud portal, create an application and configure the required permissions for the application and finally create your client id and secret. In addition, you also need to set the callback URI to the URL provided in the authentication settings view. The details about how to get the client id and client secret for each provider is explained in detail in our Third Party Authentication videos on our YouTube channel.
Following the creation of client id, client secret, and configuring the callback URL, you can complete the authentication configuration Altogic by specifying the success and error redirect URLs, which will be called in case of successful or non-successful user authentication respectively. These success and error URLs need to be part of your front-end application.
The final step in having third-party authentication is integration with your front-end application. In the authentication settings panel, Altogic provides the URL that you need to direct your users for authentication in your front-ent application. You just need to use this URL and add it to your front-end application and direct your app users to this URL when a button or link is clicked.
To configure a third-party authentication provider via the Designer, you need to navigate the App settings and select Authentication view.
In the authentication view:
- Select the User Data Model where your authentication user information will be stored. The user data model needs to be a permanent model with the required exact field names and types. You can easily add the missing fields to the selected model if the model does not have those required fields already.
- Specify the redirect URL of your front-end application. When your app users are successfully authenticated using an oAuth provider or a magic link or when the email address of a user is confirmed, your frontend app will be redirected to the redirect URL. An access token which you can use to fetch authentication grants, namely the user and the session data, will be provided as a query string parameter named access_token. Similarly, if the user cannot be authenticated, your frontend app will be redirected to the same redirect URL and an error message will be provided in the query string parameter named error. You can override this URL at environment level and for each different environment of your app you can configure different redirect URLs.
- Enable/disable email and password based sign-up in Altogic client library. You can allow your users to sign up using their email addresses and passwords. After signing up, users can use their email address and password to log in. You can also enable/disable email confirmations, meaning when the users are signing up or when they are trying to change their email addresses, you can send a confirmation email to their email address and ask them to click on a confirmation link.
- Enable/disable phone number and password based sign-up in Altogic client library. You can allow your users to sign up using their mobile phone numbers and passwords. After signing up, users can use their mobile phone number and password to log in. You can also enable/disable phone number confirmations, meaning when the users are signing up or when they are trying to change their mobile phone numbers, you can send a confirmation code and ask them to enter the code included in the SMS to confirm their mobile phone numbers.
- Enable the required authentication provider. Provide the required client id and client secret and configure the callback URL in the respective authentication provider's developer/cloud portal.
- Hit Save Changes to save your authentication configuration settings
If you have enabled signin up using email or phone number, you can also customize email and SMS message templates used during verification of email address or phone number. To configure the message templates via the Designer, you need to navigate the App settings and select Authentication view. From the Authentication view, select Message templates.