In order to create login pages, an authentication profile is needed to validate end users trying to access your application’s front-end pages and the data within.
After reading this article, you will learn:
What is an authentication profile
What they are used for
The three kinds of authentication profiles (and their differences)
How to create an authentication profile
How to configure a default profile for your applications
What is a UUID
Where authentication profiles are used
What is an authentication profile?
An authentication profile defines which model or models your application will use to validate any users attempting to access a protected (authenticated) page. In the majority of cases, the user model is used as it contains information unique to individual users but this can be customized when configuring a new authentication profile.
Once you have created a login page and have configured an authentication profile, users attempting to log in will be checked to ensure the unique identifiers of that user (generally email and password) match your authentication model and the user record exists with matching credentials.
Kinds of authentication profiles:
The Betty Blocks platform enables the configuration and use of three different types of authentication profiles currently supported in the page builder. Which one is required may vary according to specific use cases, but all three support the same login and validation process in applications.
1. Username/password
Every new Betty Blocks application is created with a ‘User’ model by default. This enables quick, easy setup* of an authentication profile using the user model and user records contained within.
*Note: The user model supports simple configuration but a different, custom, model can be selected for this authentication profile type.
2. Custom authentication
Configure an authentication profile using a custom model in your application. Custom authentication is primarily used for single sign-on (SSO) login flows and we advise reaching out to our technical support team to assist in the setup of SSO login pages.
3. Betty Blocks authentication
This is a default authentication profile that our platform offers out of the box. It enables you to authenticate visitors of your application’s page builder. These visitors get authenticated automatically via the default platform login mechanism. After it’s compiled, pages can only be visited by those with valid Betty Blocks accounts, as either user or builder roles. The way to add new accounts is explained in this article.
Creating an authentication profile
The following section will explain how to create an authentication profile from scratch and explain the various required profile and settings configurations that must be completed for a functional authentication profile.
Where to find and configure an authentication profile?
The easiest authentication profile option to choose from is 'Betty Blocks authentication' which enables you to authenticate your application end users via their Betty Blocks platform account. As you create a new page in the page builder section, choose the option with this type of authentication.
Being the basic authentication method that comes out of the box, Betty Blocks account authentication has a limited number of options compared to others. These options are explained in detail further in the article.
Two other types of authentication profiles can be found in the settings menu in the Betty Blocks development platform. Mind that from the authentication profiles overview in the 'Tools' section, you can only work with the 'Username/password' and 'Custom authentication profile' options.
In order to navigate to the authentication profile overview:
Begin in any section of the development platform
Locate the builder bar, the vertical menu on the left
Click the second icon from the bottom of the builder bar
Click the 'Authentication profiles' option in the menu that appears
This will navigate you to the authentication profile overview page
From this overview, you can configure new authentication profiles or change the settings of an existing profile. Next up, we will show you the steps to configure a new profile from this overview. We will show the steps first and then explain the fields in detail below.
Note: Steps marked with an asterisk are only available when configuring a username/password authentication profile
In order to configure a new profile:
Click the ‘New profile’ button in the top right of the overview
If no other profiles exist the button in the center of the screen works too
A sidebar will open with the configuration options
Select which kind of authentication profile to create
Configure the required fields which are:
Enter a name for the profile
Select a login model
Select a username property*
Select a password property*
Select a login page (not required during initial setup)
Configure optional fields
Select a language property (if one is available)
Set an expiry time (defaults to 7200 if not set)
Set token refresh timeout (defaults to 259200 if not set)
Set the profile as the default for this application using the toggle button
Click 'Save' to finalize the authentication profile
Authentication profile options explained
Authentication profiles are available in three kinds. When creating a new profile you can choose between the kinds 'Username/password' and 'Custom authentication', which are explained earlier in this document.
Note: The 'Betty Blocks authentication' option is inactive within this setting because you are only able to choose it from the wizard when creating a new page in the page builder (as explained above).
The name is the label of the authentication profile. When logging a user in or out, you can select an authentication profile to log in/out by selecting its name.
The default toggle sets this authentication profile as the standard for any newly created page that has been configured as ‘Authenticated’.
The login variable defines the name of your user object, that is, how it will be labeled in your variable browser. If you look at the Internal authentication, you'll see that the login variable is called current_user; that is the name to use when you want to refer to the currently logged-in user somewhere inside an action or similar.
The login model defines the model that holds your users. This is the model on which you've got your user's identification. Ask yourself: Which kind of user will log in to my app? An employee? A contact person? An astronaut? Or does your system not specify a function, but simply log in a Person (or end-users of your application)? Then that will probably be your login model.
Note: It's worth mentioning that in order to enable your users to log in, you have to create and use a new model (for example, called 'Webuser'), but NOT use the ones that are presented by default by Betty Blocks.
Username/password (only when using the Username/password kind):
The username and password define the credentials of your webuser: which property of your login model should be used as the username and which should be used as a password. A username can include text or numeral properties (excluding properties like a list, multi-line texts, and number expressions). Ideally, a username would be an email address in nine out of ten cases.
Expire token after the number of seconds:
What else is there to explain here? ;) It logs the (web) user out automatically if the user hasn't done anything for this number of seconds.
Authentication profile UUID
To enable communications between, for example, your application and the data in an external database, you need to locate and apply the universally unique identifier (UUID). A UUID can also be required for enabling a password reset to ensure that a unique code can be applied.
For a more detailed overview of UUIDs in Betty Blocks, please refer to this document.
Where are authentication profiles used?
Authentication profiles are used when creating new pages with the ‘Authenticated’ option selected. Authenticated pages protect the data held within an application and on your front-end pages by enforcing any user attempting to access the page to be validated.
They are also used in actions to check whether the user has the correct roles and/or permissions to mutate data within the application.
This is done by the user logging in via a login page: the entered credentials must match both the authentication profile you created and a registered user's credentials.
They are also used within pages in combination with a data container. When configuring a data container and selecting "Logged in user" this data container will contain all the information that is within the model of that logged-in user to be displayed on the Page.
The password field will then be `REDACTED` to keep it secure.
For more information
Reach out to us at firstname.lastname@example.org if you have any questions or would like more information about authentication profiles.