In order to create login pages, an authentication profile is needed to validate end users trying to access your application’s front-end pages and the data within.
After reading this article, you will learn:
What is an authentication profile
What they are used for
The three kinds of authentication profiles (and their differences)
How to create an authentication profile
How to configure a default profile for your applications
What is a UUID
Where authentication profiles are used
What is an authentication profile?
An authentication profile defines which model or models your application will use to validate any users attempting to access a protected (authenticated) page. In the majority of cases, the user model is used as it contains information unique to individual users but this can be customized when configuring a new authentication profile.
Once you have created a login page and have configured an authentication profile, users attempting to log in will be checked to ensure the unique identifiers of that user (generally email and password) match your authentication model and the user record exists with matching credentials.
Kinds of authentication profiles:
The Betty Blocks platform enables the configuration and use of two different types of authentication profiles currently supported in the Page Builder. Which one is required may vary according to specific use cases but both support the same login and validation process in applications.
1. Username / password
Every new Betty Blocks application is created with a ‘user’ model by default. This enables quick, easy setup* of an authentication profile using the user model and user records contained within.
*Note: The user model supports simple configuration but a different, custom, model can be selected for this authentication profile type.
2. Custom authentication
Configure an authentication profile using a custom model in your application. Custom authentication is primarily used for Single Sign-On (SSO) login flows and we advise reaching out to our technical support team to assist in the set up of SSO login pages.
How to create an authentication profile
The following section will explain how to create an authentication profile from scratch and explain the various required profile and settings configurations that must be completed for a functional authentication profile.
Where to find and configure an authentication profile
Authentication profiles can be found in the settings menu in the Betty Blocks development platform.
In order to navigate to the authentication profile overview:
Begin in any section of the development platform
Locate the Builder Bar, the vertical menu on the left
Click the ‘Tools’ menu
The second icon from the bottom of the builder bar
Click the Authentication profiles option in the menu that appears
This will navigate you to the authentication profile overview page
From this overview, you can configure new authentication profiles or change the settings of an existing profile. Next up, we will show you the steps to configure a new profile from this overview. We will show the steps first and then explain the fields in detail below.
Note: Steps marked with an asterisk are only available when configuring a username/password authentication profile
In order to configure a new profile:
Click the ‘new profile’ button in the top right of the overview
If no other profiles exist the button in the center of the screen works too
A sidebar will open with the configuration options
Select which kind of authentication profile to create
Configure the required fields which are:
Enter a name for the profile
Select a login model
Select a username property*
Select a password property*
Select a login page (not required during initial setup)
Configure optional fields
Select a language property (if one is available)
Set an expiry time (defaults to 7200 if not set)
Set token refresh timeout (defaults to 259200 if not set)
Set the profile as the default for this application using the toggle button
Click save to finalize the authentication profile
Authentication profiles are available in two kinds. When creating a new profile you can choose between the kinds "Username / password" or "Custom authentication” which are explained earlier in this document.
The label of the authentication profile. When logging a user in or out, you can select an authentication profile to log in/out by selecting its name.
Sets this authentication profile as the standard for any newly created page that has been configured as ‘Authenticated’.
The login variable defines the name of your user object, so how it will be labeled in your variable browser. If you look at the Internal authentication you'll see that the login variable is called current_user, stating that if you'd want to use the currently logged-in user somewhere inside of an action or such.
The login model defines the model that holds your users. This is the model on which you've got your user's identification. Ask yourself: Which kind of user will log in to my app? An employee? A contact person? An astronaut? Or does your system not specify a function, but simply log in a Person (or end-users of your application)? Then that will probably be your login model.
Note: It's worth mentioning that in order to enable your users to log in, you have to create and use a new model (for example, called 'Webuser'), but NOT use the ones that are presented by default by Betty Blocks.
Username / password:
(Only when using the Username / password kind) The username and password define the credentials of your webuser. Which property of your login model should be used as the username and which should be used as a password. A username can include text or numeral properties (excluding properties like a list, multi-line texts, and number expressions). Ideally, a username would be an email address in nine out of ten cases.
Expire token after amount of seconds:
What else is there to explain here? ;) It logs the (web) user out automatically if the user hasn't done anything for this amount of seconds.
Authentication profile UUID
To enable communications between, for example, your application and the data in an external database, you need to locate and apply the universally unique identifier (UUID). A UUID can also be required for enabling a password reset to ensure that a unique code can be applied.
For a more detailed overview of UUIDs in Betty Blocks, please refer to this document.
Where are authentication profiles used?
Authentication profiles are used when creating new pages with the ‘Authenticated’ option selected. Authenticated pages protect the data held within an application and on your front-end pages by enforcing any user attempting to access the page to be validated.
Also, actions to check if the user has the correct roles and/or permissions to mutate data within the application.
This is done via the user logging in (via a login page) and that user’s login credentials must match both the authentication profile you created plus the entered credentials must match a registered user's credentials.
They are also used within pages in combination with a data container. When configuring a Data Container and selecting "Logged in user" this data container will contain all the information that is within the model of that logged-in user to be displayed on the Page.
The password field will then be `REDACTED` to keep it secure.
For more information
Reach out to us at firstname.lastname@example.org if you have any questions or would like more information about authentication profiles.