User Authentication - Token

Owned by Will Wilson (Deactivated)
Last updated: Jun 17, 2016
4 min read

The User Authentication - Token Access Method will allow you, as the app builder, to specify unique login credentials for each end user that you want to have access to your app.  You can also specify the session length, i.e. how long until the user will need to login again.  Once the user has logged in, the token associated with their credentials will be included in all requests made by the app.

You can upload a CSV with all the credentials or manually add each set of credentials individually through AppOffice.


CSV

If you choose to upload a CSV, it must be in the correct format.:

  • The CSV must have 3 columns,
  • The first row in the first column (cell A1) must be "Username".
  • The first row in the second column (cell B1) must be "Password".
  • The first row in the third column (cell C1) must be "Token".
  • If any username, password, or token starts or ends with a space, those spaces will be trimmed when you upload your CSV.

 

Download a sample CSV

 

 

Configuration

To upload your CSV, go to Access Manager > Configuration and click the blue "Add" button.

On the Configuration page, you can also set the Item Name and the Display Name.  The Item Name is what you will see in the platform when designing your app.  The Display Name is what will be showed to the app user when using the app.  Both are set to "Access Manager" by default.

You can also set the Session Timeout - this is how long until the app user will need to login again.  By default, it is set to "No Expiration" - this means that once an app user logs in successfully, he will never need to login again.  The Session Timeout is "built into" the app when you do a build - this means that if you build the app and install it on a phone, then change the Session Timeout, the app will still use the old Session Timeout.
 

Remember to click the green "Apply" button to save your changes!

 

AppOffice

After you have uploaded your CSV, go to Access Manager > AppOffice and you can see all the credentials.

You can edit, delete, and add new credentials.

You can export the list to a CSV file you can download.

You can toggle the active status for any set of credentials by clicking under the "Active" column.

  • A checkmark indicates the credentials are active - an app user who uses these credentials will be allowed into the app.
  • A minus/dash/hyphen indicates the credentials are inactive - an app user who uses these credentials will not be allowed into the app.
  • Any changes in active status are immediate - you do not have to save.

 

Device Behavior

When the app user launches your app, it will show the User Authentication login screen.  The login screen is not configurable and always shows the same three elements:

  • Username text entry field
  • Password text entry field
  • Submit button

These elements are displayed on top of the Splash Image.

User Auth login on iPhone

 

User Auth login on Droid

 

The user will not be able to proceed without entering a valid username and password.

Invalid credentials on iPhone

 

Invalid credentials on Droid

 

Once the user has successfully logged in, the app will not show this screen again until the session has expired - this is the Session Timeout you set on the Configuration page.

You can add or remove credentials at any time using AppOffice, even after you have built the app.  When an app user tries to login, the app checks the user-entered credentials against the credentials in AppOffice at that time.

Once the user has logged in, the token associated with their credentials will be included in all requests made by the app.