https://dev.socialidnow.com/api.php?action=feedcontributions&user=Vicente.santos&feedformat=atomSocial ID Developers - User contributions [en]2024-03-29T05:30:20ZUser contributionsMediaWiki 1.18.1https://dev.socialidnow.com/index.php?title=Social-ID_%26_IBM_Sandbox_GuideSocial-ID & IBM Sandbox Guide2019-05-14T15:01:31Z<p>Vicente.santos: </p>
<hr />
<div>== Account Creation ==<br />
* You will need a CoffeeBean account before you can start. Contact [[mailto:support@coffeebeantech.com support@coffeebeantech.com]]<br />
<br />
== CoffeeBean Dashboard ==<br />
<br />
* Connect to your CoffeeBean account<br />
* On the top of the page, select '''Plugins''' and then '''Applications'''<br />
* Click on '''New Application'''<br />
* Fill in the following fields:<br />
** ''Name'' (can be any name)<br />
** ''Callback URL'' (can be any URL)<br />
* Click on '''Next'''<br />
* '''Optional:''' take note of the only number that appears on the URL of the new page (''/marketing/login/apps/NUMBER/widgets''). You can use http://cbt-landing.herokuapp.com/stag/NUMBER to access a ready-to-go landing page to test your social login application. In case you're using production environment, you can use http://cbt-landing.herokuapp.com/prod/NUMBER instead.<br />
* Select which social networks you're interested in<br />
* On the top of the page, select '''Automation Engine''' and then '''Rules'''<br />
* Click on '''New Rule'''<br />
* In the session '''Select the Trigger''', select one from below:<br />
** ''Profile Update'' (this will keep your contacts updated with whatever data is available on their social networks; whenever a profile is updated on the social network, your database will be updated with the most recent version of that profile) [[File:profile_update_event.png|600px|thumb|center|Profile Update trigger]]<br />
** ''Sign in'' (captures and updates social data only when users sign up or log in)<br />
* In the session '''Segment the Target''', click on '''create a new list…'''. To send all contacts to IBM Marketing Cloud, leave the option ''All'' of the field '''Data Source''' selected<br />
* In the session '''Select the Channels''', select the option ''IBM UBX Integration'' for '''Channel Type''' and choose one of two for '''UBX Event''':<br />
** ''Connected with Social'' (to be used as a Universal Behavior)<br />
** ''Contact Update'' (updates contacts on the IMC database) [[File:socialid_update_contact_channel.png|600px|thumb|center|IBM UBX Contact Update]]<br />
* After setting up your campaign, click '''Save''' at the end of the page<br />
** If you want to have multiple setups (to have Universal Behaviors and automatic contact updates at the same time, for example), you will need multiple campaigns. You can use the action '''Duplicate''' to create a copy of your current campaign and then use the '''Edit''' action to modify the relevant fields<br />
* Before you leave the dashboard, click on the arrow at the top right of the page<br />
* Select '''API'''<br />
* You will find two fields that you will need on UBX:<br />
** API Id (UBX's ''User ID'' during endpoint creation)<br />
** API secret (UBX's ''Password'' during endpoint creation)<br />
* '''Optional:''' you can go back to the '''Social Plugins > Social Login''' page, mouse over the Social Login you created and click '''Get code''' to find a snippet to be copied to your website or landing page<br />
<br />
== On Universal Behavior Exchange ==<br />
<br />
* Connect to your UBX account<br />
* Go to the '''Endpoints''' tab and then on '''Register new endpoint'''<br />
* On the window that pops up, find the option for ''Social-ID'' and the click '''Next''' [[File:socialid_endpoint.png|600px|thumb|center|Social-ID endpoint]]<br />
* Select the deployment according to your Social-ID account<br />
* Use the ''API Id'' and ''API secret'' you got from the Social-ID Dashboard as ''User ID'' and ''Password''<br />
* You will receive a notification communicating your endpoint was successfully activated<br />
* Go to the '''Events''' tab and then on '''Subscribe to events'''<br />
* On the window that pops up:<br />
** On the left side select both events under '''Coffee Bean > Social_ID_Production''', ''Connected to Social channel'' and ''Contact Update''<br />
** On the right side select '''IBM > IBM Engage_IBM Engage Pod 0''' (the name of the endpoint can vary slightly)<br />
** Click on '''Subscribe'''<br />
* Both solutions are now connected. Social-ID will automatically send to IBM Marketing the events you selected [[File:ubx_event_subscription.png|600px|thumb|center|Event subscrition]]<br />
* Whenever a contact uses social login to access your website, app, Wi-Fi or any other system, this contact will be automatically inserted into your IBM Marketing Cloud database together with all data your app was given permission<br />
<br />
<br />
<br />
== References ==<br />
<br />
This guide is translated freely from [https://www.ibm.com/blogs/commerce/br-pt/2017/02/17/como-conectar-o-social-id-ao-ibm-marketing-cloud/ Como Conectar o Social-ID ao IBM Marketing Cloud]<br />
<br />
You can also find this guide in video form: [https://www.youtube.com/watch?v=SImAYqAVilk https://www.youtube.com/watch?v=SImAYqAVilk]<br />
<br />
Website: [http://www.coffeebeantech.com http://www.coffeebeantech.com]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=IBM_UBX_Integration_GuideIBM UBX Integration Guide2019-05-14T14:53:56Z<p>Vicente.santos: </p>
<hr />
<div>== Introduction ==<br />
<br />
The IBM Universal Behavior Exchange is an open exchange that makes it easy to share customer data between certified solutions. The integration between CoffeeBean and IBM UBX allows you to leverage social login events and social profiles to be easily used across different marketing applications. <br />
<br />
== Available Events ==<br />
<br />
CoffeeBean Identity and Access Platform currently integrates with the following [https://ubx-01.ibmmarketingcloud.com/#/taxonomy UBX events]: <br />
<br />
=== Connected to social channel (Social Events) ===<br />
<br />
* Event Code: connectedSocial<br />
* Namespace: com.ibm.commerce.ubx<br />
* Identifiers: social_id, email, facebook_id<sup style="color: red">[1]</sup>, gplus_id, linkedin_id<sup style="color: red">[1]</sup>, twitter_id<br />
* Attributes: eventId, eventName, description, brandTag, socialPlatform, contactConsent<br />
<br />
=== Contact Update (Engage Contact Update Event) ===<br />
<br />
* Event Code: contactUpdate<br />
* Namespace: com.ibmmarketingcloud.engage<br />
* Identifiers: social_id, email, facebook_id<sup style="color: red">[1]</sup>, gplus_id, linkedin_id<sup style="color: red">[1]</sup>, twitter_id<br />
* Attributes<sup style="color: red">[2]</sup>: SocialId, Email, SocialIdProfileURL, Birthday, PictureURL, Gender, RelationshipStatus, CurrentLocation, Religion, Locale, Industry, FirstName, LastName, WorkPosition, Company, TwitterId, FacebookId, GplusId, LinkedInId, TwitterHandle, GplusHandle, contactConsent, [http://dev.socialidnow.com/index.php?title=GET_login/users/:user_id/data user data] attributes and [http://dev.socialidnow.com/index.php?title=PUT_login/apps/clustering/rules clustering features] attributes (using FeatureLabel name pattern).<br />
<br />
<span style="color:red">[1]: App-scoped ID, i.e., the ID namespace is unique per social app and not for the entire social network.</span><br />
<br />
<span style="color:red">[2]: Most of these attribute names can be customized when the Engagement Engine channel is configured.</span><br />
<br />
== How To Integrate with IBM UBX ==<br />
<br />
* On CoffeeBean Identity and Access Platform<br />
** On Account Settings<br />
*** Take note of API id and API secret from API page<br />
** On Campaign Engine > Campaigns<br />
*** Create a new campaign using: ''Social Login - Sign In'' or ''Social Login - Profile Update'' as a trigger; All contacts as a filter; and ''UBX Integration'' as a channel, choosing an event type<br />
* On UBX<br />
** On Endpoints tab<br />
*** Register a new CoffeeBean endpoint choosing the appropriate environment<br />
**** Use the API id and secret as keys<br />
* Now the CoffeeBean endpoint should be ready to use.<br />
<br />
== How To Integrate with IBM Marketing Cloud ==<br />
<br />
* Follow all the steps to integrate CoffeeBean with IBM UBX, choosing ''Contact Update'' as event type on the Campaign Engine<br />
* On IBM Marketing Cloud<br />
** On Data tab<br />
*** Optional → create a database if needed<br />
**** Databases > Create<br />
*** Click on a database then click on ''Show Additional Details'' to take note of the Database ID<br />
*** Optional → add any of the following fields to the database: FirstName, LastName, WorkPosition, Company, PictureURL, Gender, RelationshipStatus, Birthday, CurrentLocation, Religion, Locale, Industry, SocialIDProfileURL<br />
*** On Settings > Organization Settings > Application Account Access > Add Account Access<br />
**** Set application to IBM Universal Behavior Exchange and add<br />
**** Check e-mail for User Account Refresh Token and take note<br />
* On UBX<br />
** On Endpoints tab<br />
*** Register a new IBM Engage endpoint<br />
**** Use Account Refresh Token and Database ID as keys<br />
** On Events tab<br />
*** Subscribe to Events<br />
**** Select ''Social-ID > Contact Update'' event as source and ''IBM Engage'' as destination and subscribe<br />
* Anytime a login happens, it will now create/update a contact in the selected IBM Marketing Cloud database</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Cross-Origin_Authentication_using_Javascript_APIsCross-Origin Authentication using Javascript APIs2019-05-14T14:51:19Z<p>Vicente.santos: </p>
<hr />
<div>Most Javascript APIs depends on the current login session to manage information regarding the user logged in. The login session is implemented using [https://en.wikipedia.org/wiki/HTTP_cookie cookies] to store information about the current user’s connection and track the user's session status in the browser.<br />
<br />
In the context of customer’s website, the socialidnow.com domain is considered a third-party application, so the cookies managed by the CoffeeBean Platform are defined as [https://en.wikipedia.org/wiki/HTTP_cookie#Third-party_cookie third-party cookies]. When the authentication is performed by customer's website using the CoffeeBean Platform, it's considered a cross-origin authentication, when two different domains need to share resources. Many standards support these cross-origin sharing, like [https://en.wikipedia.org/wiki/Cross-origin_resource_sharing CORS], [https://en.wikipedia.org/wiki/JSONP JSONP] and [https://en.wikipedia.org/wiki/Web_Messaging Web Messaging].<br />
<br />
== Cross-Origin Authentication ==<br />
<br />
The Javascript APIs implements cross-origin authentication in the following APIs:<br />
<br />
* [[socialid.login.startLogin]]: used to initiate the social login process. It redirects to the CoffeeBean Platform, that performs the login by redirecting to the social provider and creating the user's session.<br />
* [[socialid.login.startSession]]: used just to create the user's session given a connection_id. It redirects to the CoffeeBean Platform, that validates the connection_id and creates the session.<br />
* [[socialid.login.loginConnection]]: used just to create the user's session given a connection_id, but do not redirect to the CoffeeBean Platform. It's not fully compatible with Safari browser.<br />
<br />
== Browser Support ==<br />
<br />
The Javascript API is supported on all modern browsers with third-party cookies support enabled, that is the default behavior for most of them, like Chrome and Firefox, except for Safari.<br />
<br />
When third-party cookies are disabled (either by the user or default), the Javascript APIs that depends on the current login session will not work.<br />
<br />
=== Safari ===<br />
<br />
Safari browser implements a different mechanism: [https://webkit.org/blog/7675/intelligent-tracking-prevention/ Intelligent Tracking Prevention]. Intelligent Tracking Prevention collects many statistics and applies Machine Learning to identify potential risk to cross-site tracking, periodically deleting tracking data unless the user visits the third-party content provider. In practice, it blocks cookies from third-party applications unless the user interacts with these applications at the top domain, that is, if the user access the third-party application as a first-party application.<br />
<br />
It affects how Single Sign-On is managed in Safari browsers, since customer's sites use socialidnow.com as the central user session for all sites. The Single Sign-On could not work properly with the API [[socialid.login.loginConnection]], because Safari browsers (desktop and mobile) would require the user to have accessed the socialidnow.com domain in order to accept cookies from it. The APIs [[socialid.login.startLogin]] and [[socialid.login.startSession]] redirect the user to the socialidnow.com domain as a first-party application, therefore the cookies for the user's session can be properly created and can be accessed later in the customer's site as third-party cookies.<br />
<br />
Besided that, the sessions will be limited to 24-hour expiration, until the user interacts with the top domain (socialidnow.com) again.</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Zyxel_NebulaZyxel Nebula2019-05-14T14:48:43Z<p>Vicente.santos: </p>
<hr />
<div>The following guide was created using a Zyxel wireless network with the following components:<br />
<br />
* Controller: Zyxel Nebula (Build version: 20171020-113746)<br />
* AP: Zyxel NAP102<br />
<br />
== Site ==<br />
<br />
You if don't have a Site with registered APs yet, you need first to create a new one and then add your APs to the Inventory.<br />
<br />
To create a new site you can go to "ORGANIZATION > Create site".<br />
<br />
To add a new AP you can go to "SITE-WIDE > Add Device".<br />
<br />
To see your devices Inventory you can go to "ORGANIZATION > Inventory".<br />
<br />
== SSID ==<br />
<br />
<br />
Once you have your Site and APs configured, you can set up the SSID on "AP > Configure > SSIDs".<br />
<br />
Just choose the "Name" for your SSID and follow the next steps for the Authentication and Captive Portal settings. <br />
<br />
[[File:1-zyxel-nebula-ssid.png|800px]]<br />
<br />
On this page you can also configure the "Rate limiting" if you want.<br />
<br />
== Authentication ==<br />
<br />
Go to "AP > Configure > Authentication" and select the SSID previously configured.<br />
<br />
[[File:2-zyxel-nebula-authentication.png|800px]]<br />
<br />
=== SSID Visibility ===<br />
<br />
* Visibility: you can keep the default value ("Broadcast this SSID") or configure as your preference<br />
* Schedule: you can keep the default value ("Always on") or configure as your preference<br />
<br />
=== Network Access (RADIUS Server) ===<br />
<br />
* WLAN Security: choose "Open"<br />
* Captive Portal: choose "Sign-in on with My RADIUS server"<br />
* RADIUS server:<br />
** Host: the [[Captive_Portal#RADIUS_Server|RADIUS server IP]] according to your environment/region<br />
** Port: 1812<br />
** Secret: the provided RADIUS client secret<br />
<br />
=== Walled Garden ===<br />
<br />
Allow CoffeeBean Platform URLs and social network URLs by configuring the Walled garden.<br />
<br />
Turn the Walled garden on and add the entries according to [[Walled_Garden_for_the_Social_Login | Walled Garden for the Social Login]] URLs:<br />
<br />
[[File:3-zyxel-nebula-walled-garden.png|800px]]<br />
<br />
=== Captive Portal Access Attribute ===<br />
<br />
* Login on multiple client devices: you can keep the default value ("Multiple devices access simultaneously") or configure as your preference<br />
* Strict Policy: choose "Block all access until sign-on"<br />
<br />
== Captive Portal ==<br />
<br />
Go to "AP > Configure > Captive portal" and select the SSID previously configured.<br />
<br />
Set the following parameters:<br />
<br />
* External captive portal URL<br />
** Use URL: turn the option on and set the URL with the provided captive portal URL (e.g.: https://wifi.socialidnow.com/portals/cbt-zyxel-nebula-lab/auth)<br />
<br />
* Captive portal behavior<br />
** Choose "To promotion URL" and set the provided captive portal promotion URL (e.g.: https://wifi.socialidnow.com/portals/cbt-zyxel-nebula-lab)<br />
<br />
[[File:4-zyxel-nebula-captive-portal.png|800px]]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Zyxel_NXC_SeriesZyxel NXC Series2019-05-14T14:47:46Z<p>Vicente.santos: </p>
<hr />
<div>The following guide was created using a Zyxel wireless network with the following components:<br />
<br />
* Controller: Zyxel NXC2500<br />
* AP: Zyxel NWA5123-NI<br />
* Firmware: V5.00(AAIG.3) / V1.03 / 2017-02-03 07:02:31<br />
<br />
== Configuring the RADIUS Server ==<br />
<br />
Configure the CoffeeBean RADIUS server by creating a new AAA Server.<br />
<br />
Go to "Configuration > Object > AAA Server" and click in the RADIUS tab.<br />
<br />
Click to add a new RADIUS server, set a name such as "social-id-radius" and configure the authentication and accounting settings as follow.<br />
<br />
[[File:Zyxel-1-radius-server.png|800px]]<br />
<br />
=== RADIUS Authentication ===<br />
<br />
* Server Address: radius.socialidnow.com<br />
* Authentication Port: 1812<br />
* Key: the provided RADIUS client secret<br />
<br />
=== RADIUS Accounting ===<br />
<br />
* Server Address: radius.socialidnow.com<br />
* Authentication Port: 1813<br />
* Key: the provided RADIUS client secret<br />
<br />
You can also enable "Accounting Interim Update" to send accounting information in the desired interval.<br />
<br />
<span style="color: red">Important:</span> the RADIUS key (shared secret) must be up to 15 alphanumeric characters.<br />
<br />
== Authentication Method ==<br />
<br />
Go to "Configuration > Object > Auth. Method" and click in Add to create a new authentication method.<br />
<br />
Set a name such as "social-id-auth" and add the RADIUS server created earlier (e.g.: "group social-id-radius"):<br />
<br />
[[File:Zyxel-2-auth-method.png|800px]]<br />
<br />
== SSID ==<br />
<br />
Go to "Configuration > AP Profile" and click in the SSID tab.<br />
<br />
Create a new SSID with a Profile Name "social-id-ssid", for example, and set your SSID name:<br />
<br />
[[File:Zyxel-ssid.png|800px]]<br />
<br />
== Captive Portal ==<br />
<br />
Configure the external CoffeeBean captive portal.<br />
<br />
Go to "Configuration > Captive Portal", click to "Enable Captive Portal" and choose "External Web Portal":<br />
<br />
[[File:Zyxel-3-captive-portal.png|800px]]<br />
<br />
Then fill the following info:<br />
<br />
* Login URL: the provided captive portal login URL<br />
* Welcome URL: the provided captive portal welcome URL<br />
* Error URL: the provided captive portal error URL<br />
* Authentication Method: the Authentication Method created earlier (e.g.: "social-id-auth")<br />
<br />
== Authentication Policies and Walled Garden ==<br />
<br />
You need to configure the authentication policies, including the hosts you need to leave open before the user authenticates to the network (walled garden). These unauthenticated hosts must include CoffeeBean Platform and social networks IP ranges provided as authentication methods.<br />
<br />
Follow this sequence to complete the configuration:<br />
<br />
# Create one Address for each host in the walled garden.<br />
# For each Address, you need to create a Policy Rule and set the Destination Address.<br />
# Create a Policy Group including all the policy rules.<br />
<br />
Let's see in details each step:<br />
<br />
=== Configuring Addresses ===<br />
<br />
Go to "Configuration > Object > Address", Address tab.<br />
<br />
Add a new Address object for each host in the walled garden. [[Walled Garden for the Social Login|Get the list of IP ranges]] for CoffeeBean Platform and each social network you use in your captive portal.<br />
<br />
Example: for the Facebook CIDR 31.13.24.0/21 you need to add the following object:<br />
<br />
* Name: facebook-1<br />
* Address Type: SUBNET<br />
* Network: 31.13.24.0<br />
* Netmask: 255.255.248.0<br />
<br />
[[File:Zyxel-object.png|800px]]<br />
<br />
You can use tools like http://www.ipaddressguide.com/cidr to get the starting and ending addresses from CIDR notations.<br />
<br />
=== Configuring Policy Rules ===<br />
<br />
Go to "Configuration > Captive Portal" and click in the "Redirect on AP" tab.<br />
<br />
Add a new Authentication Policy Rule for each Address created earlier.<br />
<br />
Example: for the Address "facebook-1" you need to add the following policy rule:<br />
<br />
* Profile Name: facebook-1-policy-rule<br />
* SSID: the SSID created earlier (e.g.: social-id-ssid)<br />
* Source Address: any<br />
* Destination Address: facebook-1<br />
* Schedule: none<br />
* Authentication: unnecessary<br />
<br />
[[File:Zyxel-policy-rule.png|800px]]<br />
<br />
After creating one policy rule for each walled garden Address, you need to create one more policy rule to force authentication to all other destinations:<br />
<br />
* Profile Name: social-id-policy-rule<br />
* SSID: the SSID created earlier (e.g.: social-id-ssid)<br />
* Source Address: any<br />
* Destination Address: any<br />
* Schedule: none<br />
* Authentication: force<br />
<br />
[[File:Zyxel-policy-rule-deny.png|800px]]<br />
<br />
=== Configuring the Policy Group ===<br />
<br />
The policy group is used to define the order in which the policy rules will be applied.<br />
<br />
Go to "Configuration > Captive Portal" and click in the "Redirect on AP" tab.<br />
<br />
Add a new Authentication Policy Group with a name such as "social-id-policy-group" and add each policy rule you have created earlier.<br />
<br />
Don't forget to add the policy rule "social-id-policy-rule" as the last one in the list.<br />
<br />
[[File:Zyxel-policy-group.png|800px]]<br />
<br />
== AP Management ==<br />
<br />
Go to "Configuration > AP Management" and click in the "AP Group" tab.<br />
<br />
Create a new AP Group with a Group Name "social-id-ap-group", for example.<br />
<br />
For the Radio 1 and Radio 2 Settings, select the SSID created earlier (e.g.: social-id-ssid) as a "SSID Profile":<br />
<br />
[[File:Zyxel-ap-group-ssid.png|800px]]<br />
<br />
In the "Portal Redirect on AP" setting, select the Policy Group created earlier (e.g.: social-id-policy-group):<br />
<br />
[[File:Zyxel-ap-group-portal-redirect.png|800px]]<br />
<br />
In the "AP List" configuration, move the APs you want to use to broadcast the SSID with CoffeeBean Captive Portal to the "Member" list:<br />
<br />
[[File:Zyxel-ap-group-ap-list.png|800px]]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Ubiquiti_UniFiUbiquiti UniFi2019-05-14T14:43:11Z<p>Vicente.santos: </p>
<hr />
<div>This guide describes the configuration steps to enable an external captive portal in the Ubiquiti UniFi.<br />
<br />
This guide was created using the following components:<br />
<br />
* '''Controller:''' UniFi Network Controller 5.10.21 for Debian/Ubuntu Linux and UniFi Cloud Key<br />
* '''AP model:''' UniFi UAP<br />
<br />
== Requirements ==<br />
<br />
This guide outlines the configuration process for the Ubiquiti Networks UniFi Access Points.<br>This process assumes that the device has been powered up and a basic IP configuration has been applied through the CLI to allow the administrator access to the Web-based User Interface.<br />
<br />
== Graphical User Interface ==<br />
<br />
A browser-based Graphical User Interface is built into each controller, and allows users to browse management pages to configure and monitor operational status for the controller and its access points.<br />
<br />
After setting up the IP, the controller GUI will be available through port 8443 by default.<br />
<br />
== Network Configuration ==<br />
<br />
On the browser-based GUI, head to Settings and then on Wireless Networks. Either add a new network or edit the one you have already created. Perform the following settings:<br />
*'''Name/SSID:''' ''NameOfYourNetworkHere''<br />
*'''Enabled:''' Check ''Enable this wireless network''<br />
*'''Security:''' Open<br />
*'''Guest Policy:''' Check ''Apply guest policies (captive portal, guest authentication, access)''<br />
<br />
[[File:UniFi Wireless Networks.png]] <br />
<br />
== RADIUS Server ==<br />
<br />
In the left-side menu options, select Profiles and then click on Create New Radius Profile. Fill in the fields as shown below:<br />
<br />
*'''Profile Name:''' Name your RADIUS Profile here (e.g. “''CoffeeBean RADIUS''”)<br />
*'''VLAN Support''': Leave unselected<br />
*'''RADIUS Auth Server'''<br />
**'''IP Address:''' The RADIUS IP will depend on your environment/region. You can check the IP for your region at our [[Captive_Portal#Configuration_Parameters | Captive Portal Configuration Page]]<br />
**'''Port:''' 1812<br />
**'''Password/Shared Secret:''' Use the Shared Secret provided by CoffeeBean<br />
*'''Accounting:''' Check Enable Accounting<br />
*'''Interim Update:''' Check Enable Interim Update<br />
*'''Interim Update Interval:''' 3600<br />
*'''RADIUS Accounting Server:''' <br />
**'''IP Address:''' The RADIUS IP will depend on your environment/region. You can check the IP for your region at our [[Captive_Portal#Configuration_Parameters | Captive Portal Configuration Page]]<br />
**'''Port:''' 1813<br />
**'''Password/Shared Secret:''' Use the Shared Secret provided by CoffeeBean<br />
<br />
[[File:UniFi Create Radius Profile.png|800px]]<br />
<br />
== Guest Control ==<br />
<br />
In the left-side menu options, select Guest Control to start customizing your user’s flow in regards to authentication.<br />
<br />
=== Guest Policies ===<br />
<br />
Under the Guest Policies menu, make the following selections:<br />
*'''Guest Portal:''' Check ''Enable Guest Portal''<br />
*'''Authentication:''' Hotspot<br />
*'''Default Expiration:''' ''User-defined''<br />
*'''Landing Page:''' Select ''Promotional URL'' - This URL will be provided by CoffeeBean<br />
*'''Redirection:''' Leave unselected<br />
<br />
[[File:UniFi Guest Policies.png]]<br />
<br />
=== Portal Customization ===<br />
<br />
Under this menu, make the following selections:<br />
*'''Template Engine:''' AngularJS<br />
*'''Override Default Templates:''' Check Override templates with custom changes<br />
*'''Title:''' ''Name your portal here''<br />
<br />
The rest of the settings here can be left as default.<br />
<br />
[[File:UniFi Portal Customization.png|800px]]<br />
<br />
=== Hotspot ===<br />
<br />
Make the following selection for your hotspot configuration:<br />
*'''RADIUS:''' Enable ''RADIUS-based authorization''<br />
<br />
[[File:UniFi Hotspot.png]]<br />
<br />
=== RADIUS ===<br />
<br />
Under the RADIUS menu you will be requested to select a RADIUS Profile. At this point, select the previously created RADIUS profile.<br />
<br />
[[File:UniFi RADIUS.png]]<br />
<br />
After selecting the RADIUS profile, select the Authentication type to be CHAP.<br />
<br />
=== Access Control ===<br />
<br />
Under this submenu, you will be defining which IPs should be accessible before users authenticate onto your network.<br>To do so, we’re going to list all IPs to which we need access under the Pre-Authorization Access portion of the list. For the purposes of this guide, leave Post-Authorization Restrictions as default.<br />
<br />
Notice that the IPs to be accessed will depend on which kind of authentication you will be implementing for your network. Since these IPs may vary quite a bit over time, CoffeeBean keeps an updated list on its [[Walled_Garden_for_the_Social_Login#Walled_Garden_by_IP_ranges | Walled Garden Page]].<br />
<br />
'''''Note:''''' Do not forget to add CoffeeBean’s IP as it is mandatory for the Portal to be accessible. The IPs to be added will depend on your region and environment.<br />
<br />
<br />
== Overriding UniFi’s Captive Portal ==<br />
<br />
=== UniFi Network Controller ===<br />
<br />
Download the necessary files from our [https://assets.socialidnow.com/developers/wifi/unifi.zip repository]<br />
<br />
After downloading our files, head to your controller’s directory:<br />
<br />
*'''Linux:''' /usr/lib/unifi/data/sites/default/app-unifi-hotspot-portal<br />
*'''Mac:''' ~/Library/Application Support/UniFi/data/sites/default/app-unifi-hotspot-portal<br />
*'''Windows:''' Ubiquiti UniFi\data\sites\default\app-unifi-hotspot-portal<br />
<br />
Once you’re in the directory, perform the following steps:<br />
<br />
# Rename the index.html file to index.default.html<br><br />
# Extract our archive file to a temporary directory<br><br />
# Open the file sid_unifi.js and ensure the sidPortal variable has the link to the portal provided by CoffeeBean (e.g. var sidPortal = "https://wifi.socialidnow.com/portals/cbt-ubnt-unifi-lab";)<br><br />
# Copy the downloaded files into the UniFi controller directory<br><br />
# Restart the UniFi service running on your local machine<br />
<br />
=== UniFi Cloud Key ===<br />
<br />
In case you're using a Cloud Key in your network setup, the location to where the files should be exported is ''/srv/unifi/data/sites/default/app-unifi-hotspot-portal''<br><br />
Transfer the downloaded files to the Cloud Key via SFTP.<br />
<br />
== Customer Parameters ==<br />
<br />
The summary of customer specific parameters is:<br />
<br />
* '''RADIUS Server'''<br />
** '''IP Address:''' the RADIUS server IP according to your environment/region<br />
** '''Password/Shared Secret:''' the provided RADIUS client secret (Max Length 16 characters)<br />
* '''Guest Policies'''<br />
** '''Landing Page'''<br />
*** '''Promotional URL:''' the provided captive portal welcome URL<br />
* '''Access Control:''' get the list of IPs you want to enable to unauthenticated users at our [[Walled_Garden_for_the_Social_Login | documentation]].<br />
* '''Overriding portal:''' In the sid_unifi.js file, store the provided captive portal welcome URL in the variable ''sidPortal''</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Ruckus_ZoneDirectorRuckus ZoneDirector2019-05-14T14:42:19Z<p>Vicente.santos: </p>
<hr />
<div>The following guide was created using a Ruckus wireless network with the following components:<br />
<br />
* Controller: Ruckus ZoneDirector 1100 (ZD1106)<br />
* AP: Ruckus ZoneFlex 7300 Series (zf7372)<br />
* Firmware: 9.8.3.0 build 14<br />
<br />
Note that this guide supports only firmware version 9.8+.<br />
<br />
== Configuring the RADIUS server ==<br />
<br />
Configure the CoffeeBean RADIUS server by creating a new AAA Server.<br />
<br />
Go to "Configure > AAA Servers".<br />
<br />
=== RADIUS Authentication ===<br />
<br />
Click in the "Create New" link and fill the name, such as "AAA-SOCIAL-ID":<br />
<br />
[[File:RuckusZD AAA policy.png|800px]]<br />
<br />
Then fill the following info:<br />
<br />
* Type: RADIUS<br />
* Auth Method: PAP<br />
* IP Address: 54.94.140.247<br />
* Port: 1812<br />
* Shared Secret: the provided RADIUS client secret<br />
* Confirm Secret: the provided RADIUS client secret<br />
<br />
=== RADIUS Accounting ===<br />
<br />
Create a new RADIUS server for Account. Click in the "Create New" link and fill the name, such as "AAA-SOCIAL-ID-ACCT":<br />
<br />
[[File:RuckusZD RADIUS Accounting.png|800px]]<br />
<br />
Then fill the following info:<br />
<br />
* Type: RADIUS Accounting<br />
* IP Address: 54.94.140.247<br />
* Port: 1813<br />
* Shared Secret: the provided RADIUS client secret<br />
* Confirm Secret: the provided RADIUS client secret<br />
<br />
== Configuring the Hotspot service ==<br />
<br />
Go to "Configure > Hotspot Services", click in the "Create New" link and fill the Name, such as "CP-SOCIAL-ID":<br />
<br />
[[File:RuckusZD Hotspot Service.png|800px]]<br />
<br />
Then fill the following info:<br />
<br />
* Login Page: the provided captive portal login URL<br />
* Start Page: select "redirect to the following URL:" and fill the provided captive portal start URL<br />
* Authentication Server: the previously RADIUS Authentication Server created (e.g.: "AAA-SOCIAL-ID")<br />
* Accounting Server: the previously RADIUS Accounting Server created (e.g.: "AAA-SOCIAL-ID-ACCT")<br />
<br />
=== Walled Garden ===<br />
<br />
Allow CoffeeBean Platform URLs and social network URLs by configuring the Hotspot Walled Garden destinations.<br />
<br />
Add the entries according to [[Captive_Portal#Walled_Garden_for_the_Social_Login | Walled Garden for the Social Login]] URLs:<br />
<br />
[[File:RuckusZD Walled Garden.png|800px]]<br />
<br />
== Configuring the WLAN ==<br />
<br />
Now you need to create a Wireless LAN with the Hotspot Service previously created.<br />
<br />
Go to "Configure > WLANs", click in the "Create New" link and fill the Name, such as "WLAN-SOCIAL-ID":<br />
<br />
[[File:RuckusZD WLAN.png|800px]]<br />
<br />
Then fill the following info:<br />
<br />
* WLAN Usages > Type: Hotspot Service (WISPr)<br />
* Authentication Options > Method: Open<br />
* Encryption Options > Method: None<br />
* Options > Hotspot Services: the previously Hotspot Service created (e.g.: "CP-SOCIAL-ID")<br />
<br />
=== WLAN Group ===<br />
<br />
You need to associate the previously WLAN with a WLAN Group.<br />
<br />
Probably you already have a "Default" one, but you can also create a new one and associate the previously WLAN as a "Member":<br />
<br />
[[File:RuckusZD WLAN Group.png|800px]]<br />
<br />
== Configuring the Access Points ==<br />
<br />
=== Access Point Group ===<br />
<br />
You need to associate the WLAN Group previously created/configured to your Access Points.<br />
<br />
Go to "Configure > Access Points" and check "Access Point Groups" section.<br />
<br />
Probably you already have a "System Default" one, but you can also create a new one and assign the previously WLAN Group by overriding the configuration:<br />
<br />
[[File:Ruckus Access Point Group.png|800px]]<br />
<br />
=== Access Point ===<br />
<br />
At the last step you need to check if the APs you want to provide the Hotspot Service are assigned to the Access Point Group previously created/configured:<br />
<br />
[[File:RuckusZD Access Point.png|800px]]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Ruckus_Virtual_SmartZoneRuckus Virtual SmartZone2019-05-14T14:41:39Z<p>Vicente.santos: </p>
<hr />
<div>The following guide was created using a Ruckus wireless network with the following components:<br />
<br />
* Controller: Ruckus Virtual SmartZone<br />
* Controller System Version: 3.2.1.0.163<br />
* AP: Ruckus ZoneFlex R310<br />
* AP Firmware: 3.2.0.0.593<br />
<br />
== Configuring the RADIUS server ==<br />
<br />
Configure the CoffeeBean RADIUS server by creating a new AAA Server.<br />
<br />
Go to "Configuration > Wireless Network > AAA Servers > Proxy AAA".<br />
<br />
=== RADIUS Authentication ===<br />
<br />
For "Authenticaton Service", click in the "Create New" link and fill the name, such as "AAA-SOCIAL-ID":<br />
<br />
[[File:RuckusSZ AAA policy.png|800px]]<br />
<br />
Then fill the following info:<br />
<br />
* Service Protocol: RADIUS<br />
* IP Address: 54.94.140.247<br />
* Port: 1812<br />
* Shared Secret: the provided RADIUS client secret<br />
* Confirm Secret: the provided RADIUS client secret<br />
<br />
=== RADIUS Accounting ===<br />
<br />
For "Accounting Service", click in the "Create New" link and fill the name, such as "AAA-SOCIAL-ID-ACCT":<br />
<br />
[[File:RuckusSZ RADIUS Accounting.png|800px]]<br />
<br />
Then fill the following info:<br />
<br />
* IP Address: 54.94.140.247<br />
* Port: 1813<br />
* Shared Secret: the provided RADIUS client secret<br />
* Confirm Secret: the provided RADIUS client secret<br />
<br />
== Configuring the Hotspot (WISPr) ==<br />
<br />
Go to "Configuration > Wireless Network > Hotspot (WISPr)", click in the "Create New" link and fill the Portal Name, such as "CP-SOCIAL-ID":<br />
<br />
[[File:RuckusSZ Hotspot.png|800px]]<br />
<br />
Then fill the following info on "Redirection" section:<br />
<br />
* Logon URL: select "External" and fill the "Redirect unauthenticated user to the URL for authentication" with the provided captive portal login URL<br />
* Start Page: select "Redirect to the following URL:" and fill the provided captive portal start URL<br />
<br />
You can also adjust the "Session Timeout" and "Grace Period" according to your specifications.<br />
<br />
=== Walled Garden ===<br />
<br />
Allow CoffeeBean Platform URLs and social network URLs by configuring the Hotspot Walled Garden destinations.<br />
<br />
Add the entries according to [[Walled_Garden_for_the_Social_Login | Walled Garden for the Social Login]] URLs:<br />
<br />
[[File:RuckusSZ Walled Garden.png|800px]]<br />
<br />
== Configuring the WLAN ==<br />
<br />
Now you need to create a Wireless LAN with the Hotspot (WISPr) previously created.<br />
<br />
Go to "Configuration > Wireless Network > WLANs", click in the "Create New" WLAN Configuration and fill the Name and SSID, such as "WLAN-SOCIAL-ID":<br />
<br />
[[File:RuckusSZ WLAN.png|800px]]<br />
<br />
Then fill the following info:<br />
<br />
* WLAN Usage > Authentication Type: Hotspot (WISPr)<br />
* Authentication Options > Method: Open<br />
* Encryption Options > Method: None<br />
* Hotspot Portal > Hotspot (WISPr) Portal: the previously Hotspot (WISPr) created (e.g.: "CP-SOCIAL-ID")<br />
* Hotspot Portal > Authentication Server: check the "Use the Controller as Proxy" and select the previously RADIUS Authentication Server created (e.g.: "AAA-SOCIAL-ID")<br />
* Hotspot Portal > Accounting Server: check the "Use the Controller as Proxy" and select the previously RADIUS Accounting Server created (e.g.: "AAA-SOCIAL-ID-ACCT")<br />
<br />
[[File:RuckusSZ WLAN Hotspot.png|800px]]<br />
<br />
=== WLAN Group ===<br />
<br />
You need to associate the previously WLAN with a WLAN Group.<br />
<br />
Probably you already have a "Default" one, but you can also create a new one and associate the previously WLAN as a "Member":<br />
<br />
[[File:RuckusSZ WLAN Group.png|800px]]<br />
<br />
== Configuring the Access Points ==<br />
<br />
You need to associate the WLAN Group previously created/configured to your Access Points.<br />
<br />
Go to "Configuration > Wireless Network > APs" and check "AP Groups" section.<br />
<br />
Click in the "Create New" AP Group and fill the Name, such as "APG-SOCIAL-ID":<br />
<br />
[[File:RuckusSZ AP Group.png|800px]]<br />
<br />
Add the Access Points to the group:<br />
<br />
[[File:RuckusSZ AP Group Members.png|800px]]<br />
<br />
Then assign the previously WLAN Group by overriding the configuration:<br />
<br />
[[File:RuckusSZ AP Group WLAN.png|800px]]<br />
<br />
If you prefer, you can also override the WLAN Group for each AP individually.</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Mikrotik_RouterOSMikrotik RouterOS2019-05-14T14:34:22Z<p>Vicente.santos: </p>
<hr />
<div>The following guide was created using a Mikrotik network with the following components:<br />
<br />
* Router: Mikrotik RouterBoard 450G<br />
* Firmware: 3.22<br />
* RouterOS: v6.23<br />
<br />
== Requirements ==<br />
<br />
You need to have a Mikrotik RouterBoard with Internet access already configured.<br />
<br />
You can reset your RouterBoard and connect the cable with Internet access at the ethernet gateway port (ether1-gateway).<br />
<br />
By default, the RouterBoard is configured with automatic address acquisition, so it will get the IP and Gateway from your Internet cable connection and will set up a DHCP Client also.<br />
<br />
This guide was created using the WebFig configuration interface, but you can apply the same settings using the Winbox.<br />
<br />
== Interfaces ==<br />
<br />
By default, the RouterBoard 450G comes with 5 ports and the following interfaces:<br />
<br />
* ether1-gateway<br />
* ether2-master-local<br />
* ether3-slave-local<br />
* ether4-slave-local<br />
* ether5-slave-local<br />
<br />
In this guide, we'll create a new interface (bridge-hotspot) and associate one of the slaves interface to the bridge.<br />
<br />
=== Ethernet ===<br />
<br />
Go to Interfaces and edit one of the interfaces (e.g. ether4-slave-local). Change the following options:<br />
<br />
* Name: ether4<br />
* Master Port: none<br />
<br />
[[File:1-setup-interface.png|800px]]<br />
<br />
=== Bridge ===<br />
<br />
Go to Bridge and click in "Add New". Set the following options:<br />
<br />
* Name: bridge-hotspot<br />
<br />
[[File:2-add-bridge.png|800px]]<br />
<br />
=== Bridge Port ===<br />
<br />
Now you need to associate the Ethernet interface to the bridge.<br />
<br />
Go to Bridge > Ports tab and click in "Add New". Set the following options:<br />
<br />
* Interface: ether4<br />
* Bridge: bridge-hotspot<br />
<br />
[[File:3-add-port-to-bridge.png|800px]]<br />
<br />
== Radius ==<br />
<br />
Go to Radius and click in "Add New". Set the following options:<br />
<br />
* Enabled: checked<br />
* Service: Hotspot<br />
* Address: the [[Captive_Portal#RADIUS_Server|RADIUS server IP]] according to your environment/region<br />
* Secret: the provided RADIUS client secret<br />
* Authentication Port: 1812<br />
* Accounting Port: 1813<br />
<br />
[[File:4-add-radius-server.png|800px]]<br />
<br />
== Hotspot ==<br />
<br />
Go to IP > Hotspot.<br />
<br />
Mikrotik offers a wizard (Hotspot Setup) to create almost all resources related to the Hotspot.<br />
<br />
=== Hotspot Setup ===<br />
<br />
Click in "Hotspot Setup".<br />
<br />
Choose the "bridge-hotspot" as the "Hotspot Interface":<br />
<br />
[[File:5-hotspot-setup-interface.png|800px]]<br />
<br />
Set "Local Address of Network" as 10.5.50.1/24:<br />
<br />
[[File:6-hotspot-setup-network.png|800px]]<br />
<br />
Let the default value (10.5.50.2-10.5.50.254) for "Address Pool of Network":<br />
<br />
[[File:7-hotspot-setup-pool.png|800px]]<br />
<br />
Set "Select Certificate" as "none":<br />
<br />
[[File:8-hotspot-setup-certificate.png|800px]]<br />
<br />
Set the "IP Address of SMTP Server" as "0.0.0.0":<br />
<br />
[[File:9-hotspot-setup-smtp.png|800px]]<br />
<br />
Set the DNS servers:<br />
<br />
* 10.5.50.1<br />
* 8.8.8.8 (optional)<br />
* 8.8.4.4 (optional)<br />
<br />
[[File:10-hotspot-setup-dns.png|800px]]<br />
<br />
Set the "DNS Name" as "social-id-hotspot-dns":<br />
<br />
[[File:11-hotspot-setup-dns-name.png|800px]]<br />
<br />
And create the default Hotspot user:<br />
<br />
[[File:12-hotspot-setup-user.png|800px]]<br />
<br />
You can remove this user later.<br />
<br />
Now you have your Hotspot resources created. You'll need to change some settings in the following steps.<br />
<br />
=== User Profile ===<br />
<br />
Go to IP > Hotspot > User Profiles. Edit the default entry and change the following options:<br />
<br />
* Session Timeout: 00:30:00<br />
* Idle Timeout: clear this entry<br />
* Shared Users: clear this entry<br />
<br />
[[File:13-edit-user-profile.png|800px]]<br />
<br />
=== Server Profile ===<br />
<br />
Go to IP > Hotspot > Server Profiles. Edit the hsprof1 entry and change the following options:<br />
<br />
* Login By: check only "HTTP PAP" option<br />
* Use RADIUS: checked<br />
* MAC Format: XX:XX:XX:XX:XX:XX (default option)<br />
* Accounting: checked (default option)<br />
<br />
[[File:14-edit-server-profile.png|800px]]<br />
<br />
[[File:15-edit-server-profile-radius.png|800px]]<br />
<br />
=== Hotspot Server ===<br />
<br />
Go to IP > Hotspot > Servers. Edit the hs-bridge-hotspot and change the following options:<br />
<br />
* Idle Timeout: set the desired timeout (e.g.: 00:05:00)<br />
* Addresses Per MAC: 1<br />
<br />
[[File:16-edit-hotspot-server.png|800px]]<br />
<br />
=== Walled Garden ===<br />
<br />
Allow CoffeeBean Platform URLs and social network URLs by configuring the Walled garden.<br />
<br />
Go to IP > Hotspot > Walled Garden. For each [[Walled_Garden_for_the_Social_Login | Walled Garden for the Social Login]] domain you need to use, create an entry in the Walled Garden.<br />
<br />
For example, to add *.socialidnow.com, click in "Add New" and set the following options:<br />
<br />
* Dst. Host: *.socialidnow.com<br />
<br />
[[File:17-add-walled-garden.png|800px]]<br />
<br />
At the end, you'll have something like this:<br />
<br />
[[File:18-walled-garden-list.png|800px]]<br />
<br />
== Files ==<br />
<br />
When you create a hotspot on Mikrotik, it automatically adds all the files and directories, creating an "internal" portal hosted on Mikrotik, so when a client connects to the network, it is redirected to this portal.<br />
<br />
If you lose this files, you can recreate them by going into IP > Hotspot > Hotspot Server, click to edit your server and then click in the button "Reset HTML". The file structure is similar to this:<br />
<br />
[[File:19-files.png|800px]]<br />
<br />
The CoffeeBean Wi-Fi portal is an external portal, in the cloud. So you need to redirect the internal login page to the external one hosted by CoffeeBean. <br />
<br />
You must replace your hotspot/login.html file by:<br />
<br />
<html><br />
<head><br />
<title>Login</title><br />
<meta http-equiv="refresh" content="0; url=http://wifi.socialidnow.com/portals/<portal-name>/auth?client_mac=$(mac)&client_ip=$(ip)&login_url=$(link-login-only)" /><br />
<meta http-equiv="pragma" content="no-cache"><br />
<meta http-equiv="expires" content="-1"><br />
</head><br />
<body><br />
</body><br />
</html><br />
<br />
Where <portal-name> must be replaced by your portal name.<br />
<br />
To replace this file you can use a FTP client to connect to Mikrotik appliance.<br />
<br />
== Wireless Gateway ==<br />
<br />
Mikrotik offers products in the Wireless and Ethernet Routers categories, both running RouterOS.<br />
<br />
If you have a Wireless appliance, you can just configure the Wireless Interface to the Bridge, and your Wireless network will be ready to manage user authentication by the Hotspot server.<br />
<br />
If you have an Ethernet Router, you can use it as a gateway to manage Hotspot services. Connect an AP from any vendor to the configured Hotspot Interface, so all clients connected to the AP will be required to authenticate through Mikrotik Hotspot Server. To create this guide we set up a Cisco Aironet AP, with open authentication, and connected to the Mikrotik's ether4 port, that is a slave for the hotspot bridge.<br />
<br />
== Security ==<br />
<br />
Don't forget to follow some simple security guidelines:<br />
<br />
* Set a strong password for any admin user.<br />
* Review firewall rules (IP > Firewall).</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Extreme_WirelessExtreme Wireless2019-05-14T14:24:11Z<p>Vicente.santos: </p>
<hr />
<div>== Introduction ==<br />
<br />
This guide describes the configuration steps to enable an external captive portal in the cloud-based network controller ExtremeWireless.<br />
<br />
ExtremeWireless provides multiple approaches to configure External Captive Portals (ECP):<br />
<br />
External Captive Portal: <br />
* '''External Authorization (ECPEA):''' is a variant of ECP where the web server is responsible for contacting any back-end authentication server in order to verify a user’s credentials and to determine the access control role to assign to a station. It’s required to call an API to approve the user and handle the response.<br />
* '''External Captive Portal:''' Internal Authorization (ECPIA): is a variant of captive portal where the captive portal web server is hosted on the controller and relies on the controller to handle authenticating and authorizing the station. The controller uses one or more external RADIUS servers to perform authentication and authorization of credentials. It’s required to call an API to approve the user and handle the response.<br />
* '''Firewall Friendly External Captive Portal (FF-ECP):''' describes a variation on the wireless controller’s External Captive Portal (ECP) support that addresses customers who use a public cloud-based ECP. Redirect the browser to the controller to approve the user.<br />
<br />
CoffeeBean Wi-Fi Platform uses RADIUS servers to authenticate users and is a service in the cloud, so the more appropriate approach to integrate with the platform is the Firewall-Friendly External Captive Portal (FF-ECP).<br />
<br />
This guide was created using the following components:<br />
<br />
Controller: ExtremeWireless<br />
Version: 10.01.02<br />
<br />
== VNS Wizard ==<br />
<br />
To configure a Firewall Friendly External Captive Portal VNS using the VNS wizard:<br />
<br />
# From the top menu, click VNS. The Virtual Network Configuration screen displays.<br />
# In the left pane, click New, then click START VNS WIZARD. The VNS Creation Wizard screen displays.<br />
<br />
[[File:Extreme VNS Creation Wizard.png|800px]]<br />
<br />
Configure the following options:<br />
<br />
* '''Name:''' type a name for the Firewall Friendly Captive Portal VNS<br />
* '''Category:''' select “Captive Portal”<br />
<br />
Click ''next'' continue to configure.<br />
<br />
=== Basic Settings ===<br />
<br />
The Basic Settings screen displays:<br />
<br />
[[File:Extreme Basic Settings.png|800px]]<br />
<br />
Configure the following options:<br />
<br />
* '''Enabled:''' checked<br />
* '''SSID:''' type a name for the SSID<br />
* '''Authentication Mode:''' select “Firewall Friendly External Captive Portal”<br />
* '''Mode:''' select “Routed”<br />
* '''Gateway:''' 192.168.101.1 (or whatever you like)<br />
* '''Mask:''' 255.255.255.0 (or whatever you like)<br />
* '''VLAN ID:''' 50 and ensure “Untagged” is selected.<br />
* '''Redirection URL:''' the provided captive portal login URL<br />
* '''Identity:''' must be left empty<br />
* '''Shared Secret:''' must be left empty<br />
* '''Enable Authentication:''' checked<br />
* '''Enable DHCP:''' checked<br />
<br />
Click ''next'' to continue to configure.<br />
<br />
=== Authentication ===<br />
<br />
[[File:Extreme Authentication.png|800px]]<br />
<br />
Configure the following options:<br />
<br />
* '''Radius Server:''' click “Add New Server”.<br />
* '''Server Alias:''' Type a name you want to assign to the new RADIUS server.<br />
* '''Hostname/IP:''' the RADIUS server hostname according to your environment/region.<br />
* '''Shared Secret:''' the provided RADIUS client secret.<br />
* '''Roles:''' check “Authentication” and “Accounting”.<br />
<br />
Click ''next''. The DHCP screen displays.<br />
<br />
=== DHCP ===<br />
<br />
The DHCP screen displays:<br />
<br />
[[File:Extreme DHCP.png|800px]]<br />
<br />
Configure the following options:<br />
<br />
* '''DHCP Option:''' click “Local DHCP Server”<br />
* '''Address Range:''' from 192.168.101.1 to 192.168.101.254 (or whatever you like)<br />
* '''Lease:''' keep default values<br />
* '''DNS Servers:''' 8.8.8.8 (or whatever you like)<br />
<br />
Click ''next''. The Filtering screen displays.<br />
<br />
=== Filtering ===<br />
<br />
The Filtering screen displays:<br />
<br />
[[File:Selection 003.png|800px]]<br />
<br />
Select ''Non-Authenticated'' in Filter ID.<br />
<br />
Enable and allow the following filters:<br />
<br />
* DNS (0.0.0.0/0:53, UDP)<br />
* DHCP Server (0.0.0.0/0:67, UDP)<br />
<br />
Enable and deny the following filters:<br />
<br />
* (0.0.0.0/0)<br />
<br />
Click ''next''. The Privacy screen displays.<br />
<br />
=== Privacy ===<br />
<br />
The Privacy screen displays:<br />
<br />
[[File:Extreme Privacy.png|800px]]<br />
<br />
Select ''None'' and click ''next''. The Radio Assignment screen displays.<br />
<br />
=== Radio Assignment ===<br />
<br />
The Radio Assignment screen displays:<br />
<br />
[[File:Selection 004.png|800px]]<br />
<br />
In “Select APs”, select the group of APs that will broadcast the Captive Portal VNS (e.g.: all radios).<br />
<br />
Click ''next''. The Summary screen displays.<br />
<br />
=== Summary ===<br />
<br />
The Summary screen displays:<br />
<br />
[[File:Extreme Summary.png|800px]]<br />
<br />
Confirm your data VNS configuration.<br />
To revise your configuration, click ''Back''.<br />
To create your VNS, click ''Finish'', and then click ''Close''.<br />
<br />
== Roles ==<br />
<br />
To use HTTP redirection an access control role must be defined on the controller with the following characteristics:<br />
<br />
* The role allows the station to use DHCP, DNS and ARP.<br />
* The role allows the station to communicate with the external captive portal server using HTTP or HTTPS.<br />
* For FF-ECP, the role must allow the station to send traffic to the controller’s IP address on the VLAN containing the station’s traffic.<br />
* The role blocks at least some HTTP traffic, although not HTTP traffic destined for the External Captive Portal or the port on the controller to which the ECP will redirect authenticated stations.<br />
* The role must allow HTTP traffic for services used in the External Captive Portal (e.g. Facebook, Google Analytics, etc.).<br />
<br />
If you have followed the VNS Wizard, the following policy rules must already be available:<br />
<br />
* DNS (0.0.0.0/0:53, UDP)<br />
* DHCP Server (0.0.0.0/0:67, UDP)<br />
<br />
You’ll need to add policy rules to the services used by the CoffeeBean Captive Portal. See the list of [[Walled_Garden_for_the_Social_Login|hostnames]] in Walled garden and add the ones you use as matching patterns in the group Web Applications.<br />
<br />
<br />
== WLAN Services ==<br />
<br />
If you have followed the VNS Wizard you’ll have a WLAN service already created.<br />
<br />
Once the WLAN Service exists, the FF-ECP configuration takes place on the Auth & Acct tab:<br />
<br />
[[File:Extremen WLAN Guest Net.png |800px]]<br />
<br />
=== Captive Portal ===<br />
<br />
Configure the captive portal related addresses and the options that will be sent to the ECP. Start by clicking the ''Configure'' button.<br />
<br />
[[File:Extreme Captive Portal Configure.png|800px]]<br />
<br />
Configure the following options:<br />
<br />
* '''Identity:''' must be left empty<br />
* '''Shared Secret:''' must be left empty<br />
* '''Redirection URL:''' the provided captive portal login URL<br />
* '''Check at least the following attributes:'''<br />
** EWC IP & port<br />
** Associated BSSID<br />
** Station’s MAC address<br />
* '''Use HTTPS for User connections:''' unchecked<br />
* '''Send Successful Login To:''' select ''Captive Portal Session Page'' and configure the provided captive portal destination URL.<br />
<br />
Once the appropriate options have been selected on the Configure dialog box, click Close. This returns you to the WLAN Service Auth & Acct tab. The changes made in the Configure dialog box have not been saved. This is indicated by the message “* settings modified” that appears next to the captive portal configuration button. You must click Save on the Auth & Acct tab for the changes to take effect.<br />
<br />
[[File:Extremen WLAN Guest Net.png|800px]]<br />
<br />
=== RADIUS Server ===<br />
<br />
Click in the RADIUS server under ''Server'' and then click ''Configure''. The RADIUS Parameters<br />
dialog is displayed:<br />
<br />
[[File:Extreme RADIUS Parameters.png|800px]]<br />
<br />
Configure the following options:<br />
<br />
* '''Auth. type:''' PAP<br />
<br />
== Customer Parameters ==<br />
<br />
The summary of customer specific parameters is:<br />
<br />
'''Basic Settings'''<br />
* '''Redirection URL:''' the provided captive portal login URL<br />
* '''Authentication'''<br />
** '''Hostname/IP:''' the RADIUS server hostname according to your environment/region.<br />
** '''Shared Secret:''' the provided RADIUS client secret.<br />
* '''Policy Rules:''' see the list of hostnames in Walled garden.<br />
* '''Captive Portal'''<br />
** '''Send Successful Login To:''' configure the provided captive portal destination URL.</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=ExtremeWireless_WiNG_5_WLANExtremeWireless WiNG 5 WLAN2019-05-14T14:19:30Z<p>Vicente.santos: </p>
<hr />
<div>The following guide was created using a Zebra Wireless network running Wing v5.5 solution.<br />
<br />
== Configuring the RADIUS server ==<br />
<br />
Configure the CoffeeBean RADIUS server by creating a new AAA Policy.<br />
<br />
Go to "Configuration > Network > AAA Policy", click in the "Add" button and fill the AAA Policy name, such as "AAA-COFFEEBEAN":<br />
<br />
[[File:Wing5 add aaa policy.png|800px]]<br />
<br />
=== RADIUS Authentication ===<br />
<br />
In the "RADIUS Authentication" tab click in the "Add" button and fill the following info:<br />
<br />
* Host: radius.socialidnow.com (Hostname)<br />
* Port: make sure that the chosen port is 1812<br />
* Secret: the provided RADIUS client secret<br />
* Request Proxy Mode: Through Centralized Controller or Through Wireless Controller<br />
<br />
Click "OK" to save these settings and then "Exit".<br />
<br />
[[File:Wing5 add radius authentication server.png|800px]]<br />
<br />
=== RADIUS Accounting ===<br />
<br />
In the "RADIUS Accounting" tab click in the "Add" button and fill the following info:<br />
<br />
* Host: radius.socialidnow.com (Hostname)<br />
* Port: make sure that the chosen port is 1813<br />
* Secret: the provided RADIUS client secret<br />
* Request Proxy Mode: Through Centralized Controller or Through Wireless Controller<br />
<br />
Click "OK" to save these settings and then "Exit".<br />
<br />
[[File:Wing5 add radius accounting server.png|800px]]<br />
<br />
=== RADIUS Settings ===<br />
<br />
In the "Settings" tab, double check these settings:<br />
<br />
* RADIUS Authentication > Protocol for MAC, Captive Portal Authentication: PAP<br />
* RADIUS Address Format > Attributes: All<br />
<br />
You can also configure which type of RADIUS Accounting packets you want to send (Start/Interim/Stop) and the request interval.<br />
<br />
[[File:Wing5 aaa policy settings.png|800px]]<br />
<br />
== Configuring the DNS Whitelist ==<br />
<br />
Go to "Configuration > Services > DNS Whitelist", click in the "Add" button and fill the "Name", such as "SOCIAL-LOGIN":<br />
<br />
[[File:Wing5 dns whitelist.png|800px]]<br />
<br />
Create the DNS Entries according to [[Captive_Portal#Walled_Garden_for_the_Social_Login | Walled Garden for the Social Login]] URLs. Add each URL as a "Hostname" and Match Suffix as "Yes"<br />
<br />
== Configuring the Captive Portal ==<br />
<br />
Go to "Configuration > Services > Captive Portal", click in the "Add" button and fill the Captive Portal Policy name, such as "CP-SOCIAL-ID":<br />
<br />
[[File:Wing5 add captive portal.png|800px]]<br />
<br />
=== Basic Configuration ===<br />
<br />
Change the following settings in the "Basic Configuration" tab:<br />
<br />
* Captive Portal Server Mode: Internal (Self) [you can select a more appropriate option if you prefer]<br />
* AAA Policy: the previously AAA Policy created (e.g.: "AAA-SOCIAL-ID")<br />
* Access Type: RADIUS Authentication<br />
* DNS Whitelist: the previously DNS Whitelist created (e.g.: "SOCIAL-LOGIN")<br />
* Enable RADIUS Accounting checkbox<br />
<br />
Click in "OK" to save the settings.<br />
<br />
=== Web Page ===<br />
<br />
Go to the "Web Page" tab to configure the external captive portal:<br />
<br />
* Web Page Source: Externally Hosted<br />
* Login URL: the provided captive portal login URL <span style="color: red">(*)</span><br />
* Welcome URL: the provided captive portal welcome URL<br />
* Fail URL: the provided captive portal fail URL<br />
<br />
<span style="color: red">(*) Important:</span> you need to add parameters to the Login URL query string to track client and AP MACs successfully. Example:<br />
<br />
http://wifi.socialidnow.com/portals/my-portal/auth?client_mac=WING_TAG_CLIENT_MAC&ap_mac=WING_TAG_AP_MAC&hs_server=WING_TAG_CP_SERVER&<br />
<br />
[[File:Wing5 captive portal web page.png|800px]]<br />
<br />
You can fill the other URLs if you need also. Click in "OK" to save the settings.<br />
<br />
== Configuring the Wireless LAN ==<br />
<br />
Now you need to associate the Captive Portal previously created to the Wireless LAN. You need to have a Wireless LAN already created and configured in order to proceed with this step.<br />
<br />
Select your Wireless LAN in "Configuration > Wireless > Wireless LANs" and go to the "Security" tab:<br />
<br />
[[File:Wing5 wireless lan security.png|800px]]<br />
<br />
In order to provide Free Wi-Fi with Captive Portal enabled you need to set the following parameters:<br />
<br />
* Select Authentication: PSK / None<br />
* Enforcement: check "Captive Portal Enable"<br />
* Captive Portal Policy: select the previously created Captive Portal Policy (e.g.: "CP-SOCIAL-ID")<br />
* Select Encryption: Open<br />
<br />
== Configuring the Device Services ==<br />
<br />
You need to add the Captive Portal Policy previously created to the Device Services responsible to perform the RADIUS authentication, such as the Controller or Access Point (AP).<br />
<br />
Select you device in "Configuration > Devices > Device Configuration" and go to the "Services" tab:<br />
<br />
[[File:Wing5 device services.png|800px]]<br />
<br />
Check the Captive Portal Policy previously created (e.g.: "CP-SOCIAL-ID").<br />
<br />
Also review the device DNS settings in "Network > DNS" tab.</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Cisco_MerakiCisco Meraki2019-05-14T14:10:52Z<p>Vicente.santos: </p>
<hr />
<div>The following guide was created using Cisco Meraki MR18 APs.<br />
<br />
== Configuring the SSID ==<br />
<br />
If you don't have a SSID, you need to setup one first.<br />
<br />
To create a new SSID go to "Wireless > SSIDs", choose an unconfigured SSID, rename (e.g.: "CoffeeBean") and enable it:<br />
<br />
[[File:Meraki ssid.png|800px]]<br />
<br />
Now you need to setup the SSID Access control and Splash page. The next steps explain each of them.<br />
<br />
== Configuring the Access Control ==<br />
<br />
To configure the SSID Access Control, go to "Wireless > Access control", select the SSID previously created or your own SSID and apply the following settings:<br />
<br />
=== Network Access ===<br />
<br />
* Association requirements: Open (no encryption)<br />
* Splash page: Sign-on with my RADIUS server<br />
<br />
[[File:Meraki access control network access.png|800px]]<br />
<br />
=== RADIUS Server ===<br />
<br />
==== RADIUS Authentication ====<br />
<br />
On "RADIUS for splash page", click in "Add a Server" and fill with the following info:<br />
<br />
* Host: radius.socialidnow.com<br />
* Port: 1812<br />
* Secret: the provided RADIUS client secret<br />
<br />
==== RADIUS Accounting ====<br />
<br />
On "RADIUS accounting", select "RADIUS accounting is enabled".<br />
<br />
On "RADIUS accounting servers", click in "Add a Server" and fill with the following info:<br />
<br />
* Host: radius.socialidnow.com<br />
* Port: 1813<br />
* Secret: the provided RADIUS client secret<br />
<br />
<span style="color:red">Important note:</span> by default, the "RADIUS accounting" settings are not available in the Meraki account. You need to open a support case to request Meraki to enable this option. Just go to "Help > Cases", create a new case and usually within a day Meraki enables it.<br />
<br />
[[File:Meraki access control radius.png|800px]]<br />
<br />
You can also set "Captive portal strength" to "Block all access until sign-on is complete".<br />
<br />
=== Walled Garden ===<br />
<br />
Allow CoffeeBean Identity and Access Platform URLs and social network URLs by configuring the Walled garden destinations.<br />
<br />
On "Walled garden", you need to enable it by choosing "Walled garden is enabled" and fill the required domains on "Walled garden ranges".<br />
<br />
Add the entries according to [[Walled_Garden_for_the_Social_Login | Walled Garden for the Social Login]] URLs:<br />
<br />
[[File:Meraki access walled garden.png|800px]]<br />
<br />
<span style="color:red">Important note:</span> by default, the "Walled garden ranges" do not accept domain names and wildcards. You need to open a support case to request Meraki to enable this option. Just go to "Help > Cases", create a new case and usually within a day Meraki enables it.<br />
<br />
=== Addressing and traffic ===<br />
<br />
* Client IP assignment: NAT mode: Use Meraki DHCP<br />
* Content filtering: Block adult content<br />
<br />
[[File:Meraki access addressing and traffic.png|800px]]<br />
<br />
Then save your changes.<br />
<br />
== Configuring the Splash Page ==<br />
<br />
To configure the SSID Splash Page, go to "Wireless > Splash page", select the SSID previously created or your own SSID.<br />
<br />
You need to define a "Custom splash URL":<br />
<br />
* Or provide a URL where users will be redirected: the provided captive portal login URL<br />
<br />
[[File:Meraki splash page custom splash url.png|800px]]<br />
<br />
On "Splash behavior", you can configure:<br />
<br />
* Splash frequency: customize how often your users will see the splash page (e.g: Every hour).<br />
* Where should users go after the splash page?: select "A different URL:" and fill the provided captive portal start URL<br />
<br />
[[File:Meraki splash page custom splash behavior.png|800px]]<br />
<br />
Then save your changes.<br />
<br />
== SSID Availability ==<br />
<br />
By default, the SSID is enabled on all APs.<br />
<br />
If you want to limit on which APs the SSID is available, you can configure a Per-AP availability on "Wireless > SSID availability" by selecting which AP tags should be matched:<br />
<br />
[[File:Meraki ssid availability.png|800px]]<br />
<br />
Then save your changes.</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Walled_Garden_for_the_Social_LoginWalled Garden for the Social Login2019-05-14T13:15:02Z<p>Vicente.santos: </p>
<hr />
<div>In order to enable social and traditional logins you need to configure a list of URLs that the users need to have access without being authenticated in the Wi-Fi network.<br />
<br />
This list of URLs, called Walled Garden, can be configured based on domain names or IPs. The most effective configuration is based on domain names, once most of current social networks and applications use dynamic IPs and CDNs to deliver their services, which is very difficult to track all IPs ranges being used.<br />
<br />
== Walled Garden by domain names ==<br />
<br />
Check if your vendor has full support to Walled Garden by DNS names. Some vendors accept domain names but resolve them to IP just once, which do not work for current applications using dynamic IP ranges.<br />
<br />
The following list of domains includes the subdomains required to be whitelisted using the *. wildcard. Depending of your vendor, it may not be necessary to include the *. wildcard, adding just the domain already includes all its subdomains. Check your vendor specifications.<br />
<br />
=== CoffeeBean Identity and Access Platform ===<br />
<br />
*.socialidnow.com<br />
<br />
=== Facebook Login ===<br />
<br />
facebook.com<br />
*.facebook.com<br />
*.facebook.net<br />
*.fbcdn.net<br />
*.fbsbx.com<br />
*.akamaihd.net<br />
*.akamaiedge.net<br />
<br />
For some devices, such as iOS, the Facebook also loads URLs from Google domain. In order to prevent issues like "Error opening page" alerts that are showed on Apple CNA, you also needs to add the following Google domains:<br />
<br />
*.doubleclick.net<br />
*.google.com<br />
*.google.com.br (for Brazil deployments)<br />
<br />
=== Facebook Account Kit Login ===<br />
<br />
Add the domains from Facebook login plus:<br />
<br />
*.accountkit.com<br />
<br />
=== Google+ Login ===<br />
<br />
*.gstatic.com<br />
*.googleusercontent.com<br />
*.google.com<br />
*.googleapis.com<br />
<br />
=== Twitter Login ===<br />
<br />
*.twimg.com<br />
*.twitter.com<br />
<br />
=== LinkedIn Login ===<br />
<br />
*.licdn.com<br />
*.linkedin.com<br />
<br />
=== Google Analytics ===<br />
<br />
*.google-analytics.com<br />
<br />
=== YouTube ===<br />
<br />
*.youtube.com<br />
*.ytimg.com<br />
*.google.com<br />
*.gstatic.com<br />
*.doubleclick.net<br />
*.googlevideo.com<br />
*.googleadservices.com<br />
<br />
Also add the google.com domain for your country, for example: *.google.com.br (Brazil).<br />
<br />
=== Bypass Apple CNA ===<br />
<br />
Sometimes you want to bypass the Apple CNA (Captive Network Assistant) portal. Add the following urls to disable it:<br />
<br />
apple.com<br />
captive.apple.com<br />
appleiphonecell.com<br />
ibook.info<br />
itools.info<br />
thinkdifferent.us<br />
<br />
=== Bypass Android Captive Portal Login ===<br />
<br />
Sometimes you want to bypass the Android Captive Portal Login browser. Add the following domains to disable it:<br />
<br />
connectivitycheck.gstatic.com<br />
connectivitycheck.android.com<br />
clients3.google.com<br />
<br />
== Walled Garden by IP ranges ==<br />
<br />
<span style="color: red">Important:</span> the following list of IPs can change over time. You need to regularly check if new ranges were added or removed in order to keep all services working as expected. You can also inform us if any new IP range was added to a service by sending an email to [mailto:support@socialidnow.com support@socialidnow.com].<br />
<br />
This list of IPs was generated based on the IP Address Blocks from public AS Numbers (ASN) of the following services. These ranges are very wide which can lead to security breaches or enabling unwanted services. In some cases you can restrict ranges to the ones used in your country.<br />
<br />
=== CoffeeBean Identity and Access Platform ===<br />
<br />
The CoffeeBean Platform can be used from different regions.<br />
<br />
Consider one of the following lists according to your Captive Portal region deployment:<br />
<br />
==== Production: South America (sa-east) ====<br />
<br />
18.228.0.0/15<br />
18.231.0.0/16<br />
52.67.0.0/16<br />
52.94.248.48/28<br />
52.95.240.0/24<br />
52.95.255.0/28<br />
54.94.0.0/16<br />
54.207.0.0/16<br />
54.232.0.0/15<br />
177.71.128.0/17<br />
<br />
==== Production: Europe Central (eu-central) ====<br />
<br />
3.120.0.0/14<br />
18.153.0.0/16<br />
18.184.0.0/15<br />
18.194.0.0/15<br />
18.196.0.0/15<br />
35.156.0.0/14<br />
52.28.0.0/15<br />
52.46.184.0/22<br />
52.57.0.0/16<br />
52.58.0.0/15<br />
52.94.248.112/28<br />
52.95.248.0/24<br />
52.95.255.128/28<br />
54.93.0.0/16<br />
<br />
==== Staging: United States (us-east) ====<br />
<br />
178.128.135.142<br />
206.189.236.3<br />
18.228.104.17<br />
<br />
=== Facebook Login ===<br />
<br />
31.13.24.0/21<br />
31.13.64.0/18<br />
31.13.64.0/19<br />
45.64.40.0/22<br />
66.220.144.0/20<br />
69.63.176.0/20<br />
69.171.224.0/19<br />
74.119.76.0/22<br />
103.4.96.0/22<br />
129.134.0.0/16<br />
157.240.0.0/16<br />
173.252.64.0/18<br />
179.60.192.0/22<br />
185.60.216.0/22<br />
199.201.64.0/22<br />
204.15.20.0/22<br />
<br />
=== Twitter Login ===<br />
<br />
64.63.0.0/18<br />
69.12.56.0/21<br />
69.195.160.0/19<br />
103.252.112.0/22<br />
104.244.40.0/21<br />
185.45.4.0/22<br />
185.45.4.0/23<br />
192.44.68.0/23<br />
192.48.236.0/23<br />
192.133.76.0/22<br />
199.16.156.0/22<br />
199.59.148.0/22<br />
199.69.58.0/23<br />
199.96.56.0/21<br />
199.96.56.0/23<br />
202.160.128.0/22<br />
209.237.192.0/19<br />
<br />
=== LinkedIn Login ===<br />
<br />
8.22.161.0/24<br />
64.152.25.0/24<br />
70.42.142.0/24<br />
103.20.92.0/23<br />
103.20.94.0/23<br />
108.174.0.0/20<br />
144.2.0.0/22<br />
144.2.7.0/24<br />
144.2.192.0/22<br />
185.63.144.0/23<br />
185.63.147.0/24<br />
199.101.161.0/24<br />
204.2.228.0/24<br />
208.50.161.0/24<br />
208.203.151.0/24<br />
<br />
=== Google Login ===<br />
<br />
8.8.4.0/24<br />
8.8.8.0/24<br />
8.15.202.0/24<br />
8.34.208.0/21<br />
8.34.216.0/21<br />
8.35.192.0/21<br />
8.35.200.0/21<br />
23.236.48.0/20<br />
23.251.128.0/19<br />
34.64.0.0/10<br />
35.184.0.0/13<br />
35.192.0.0/12<br />
35.208.0.0/12<br />
35.224.0.0/12<br />
35.240.0.0/13<br />
45.121.228.0/22<br />
64.15.112.0/20<br />
64.233.160.0/19<br />
66.102.0.0/20<br />
66.249.64.0/19<br />
70.32.128.0/19<br />
72.14.192.0/18<br />
74.114.24.0/21<br />
74.125.0.0/16<br />
89.207.231.0/24<br />
103.62.64.0/22<br />
104.132.0.0/16<br />
104.133.0.0/17<br />
104.134.128.0/17<br />
104.154.0.0/15<br />
104.196.0.0/14<br />
107.167.160.0/19<br />
107.178.192.0/18<br />
108.59.80.0/20<br />
108.170.192.0/18<br />
108.177.0.0/17<br />
113.197.106.0/24<br />
130.211.0.0/16<br />
136.112.0.0/12<br />
142.250.0.0/15<br />
146.148.0.0/17<br />
162.216.148.0/22<br />
162.216.148.0/23<br />
162.222.176.0/21<br />
172.102.8.0/21<br />
172.110.32.0/21<br />
172.217.0.0/16<br />
172.253.0.0/16<br />
173.194.0.0/16<br />
173.255.112.0/20<br />
185.25.28.0/23<br />
185.150.148.0/22<br />
185.150.148.0/23<br />
192.104.160.0/23<br />
192.158.28.0/22<br />
192.158.28.0/23<br />
192.178.0.0/15<br />
199.36.154.0/23<br />
199.36.156.0/24<br />
199.91.151.0/24<br />
199.192.112.0/22<br />
199.192.112.0/23<br />
199.223.232.0/21<br />
207.223.160.0/20<br />
208.65.152.0/22<br />
208.65.152.0/23<br />
208.68.108.0/22<br />
208.81.188.0/22<br />
208.117.224.0/19<br />
209.85.128.0/17<br />
209.107.176.0/20<br />
216.58.192.0/19<br />
216.73.80.0/20<br />
216.239.32.0/19<br />
216.252.220.0/22<br />
216.252.220.0/23</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=GET_datastore/schemas/:schema_name/objects/:idGET datastore/schemas/:schema name/objects/:id2019-05-10T19:23:21Z<p>Vicente.santos: </p>
<hr />
<div>== Description ==<br />
<br />
Returns a specific Object.<br />
<br />
== Resource URL ==<br />
<br />
GET https://api.socialidnow.com/v1/marketing/datastore/schemas/:schema_name/objects/:id<br />
<br />
== Parameters ==<br />
<br />
=== URL Parameters ===<br />
<br />
{|<br />
! align="left" width="200px" | schema_name<br />
| width="200px" | required<br />
| schema name.<br />
|-<br />
! align="left" width="200px" | id<br />
| width="200px" | required<br />
| object identifier.<br />
|}<br />
<br />
== Authentication ==<br />
<br />
This API requires Account authentication. See [[Authentication]].<br />
<br />
== Response ==<br />
<br />
=== Response Status ===<br />
{|<br />
! align="left" width="200px" | ok (200)<br />
| The request was successful.<br />
|-<br />
! align="left" width="200px" | unauthorized (401)<br />
| The authentication is wrong. See [[Authentication]].<br />
|-<br />
! align="left" width="200px" | not_found (404)<br />
| Schema or object not found.<br />
|-<br />
! align="left" width="200px" | internal_server_error (500)<br />
| An unknown error happened.<br />
|}<br />
<br />
=== Response Body ===<br />
<br />
{|<br />
! align="left" width="200px" | object_id<br />
| object identifier.<br />
|-<br />
! align="left" width="200px" | user_id<br />
| user identifier.<br />
|-<br />
! align="left" width="200px" | created_at<br />
| date of object creation.<br />
|-<br />
! align="left" width="200px" | updated_at<br />
| date of object latest update.<br />
|-<br />
! align="left" width="200px" | [fields]<br />
| custom fields defined in the schema.<br />
|}<br />
<br />
== Examples ==<br />
<br />
=== Request ===<br />
<br />
Returns information of the object "54481188e5cb7cffe4000003" from the schema named "first_schema".<br />
<br />
curl -iX GET 'https://api.socialidnow.com/v1/marketing/datastore/schemas/first_schema/objects/54481188e5cb7cffe4000003' \<br />
-H 'Content-type: application/json' \<br />
--user 138:e8b9ca24f1b590af67e6271297d6e1f7226625d61c5b5daa1b2f215464e292cf<br />
<br />
=== Response ===<br />
<br />
==== Response Headers ====<br />
<br />
HTTP/1.1 200 Ok<br />
Status: 200<br />
<br />
==== Response Body ====<br />
<br />
{<br />
"object_id": "54481188e5cb7cffe4000003",<br />
"user_id": 340,<br />
"created_at": "2014-10-24T14:48:00Z",<br />
"updated_at": "2014-10-24T14:48:00Z",<br />
"first_field": "First Object",<br />
"second_field": 123<br />
}</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=POST_datastore/schemas/:schema_name/objects/searchPOST datastore/schemas/:schema name/objects/search2019-05-10T19:22:54Z<p>Vicente.santos: </p>
<hr />
<div>== Description ==<br />
<br />
Searches for Objects in the Schema.<br />
<br />
The datastore schema search is powered by a limited version of the [https://docs.mongodb.com/v3.4/reference/operator/aggregation-pipeline/ MongoDB Aggregation Pipeline].<br />
<br />
Some operators and stages are not allowed in the datastore searches. The set of allowed operators is:<br />
<br />
* Comparison operators: $gt $gte $lt $lte $ne $in $nin<br />
* Boolean operators: $or $and $not $nor<br />
* Element operators: $exists<br />
* Array operators: $all $elemMatch $size<br />
* Group accumulator operators: $sum $avg $first $last $max $min $push $addToSet<br />
* Date operators: $dayOfYear $dayOfMonth $dayOfWeek $year $month $week $hour $minute $second $millisecond<br />
* String operators: $concat $substr $toLower $toUpper $strcasecmp $regex<br />
* Arithmetic operators: $add $subtract $multiply $divide $mod<br />
* Set operators: $setEquals $setIntersection $setUnion $setDifference $setIsSubset $anyElementTrue $allElementsTrue<br />
<br />
And the available stages are:<br />
<br />
* match<br />
* group<br />
* project<br />
* sort<br />
* limit<br />
* skip<br />
<br />
You can find examples in the [https://docs.mongodb.com/v3.4/reference/operator/aggregation-pipeline/ MongoDB documentation], including a [https://docs.mongodb.com/v3.4/reference/sql-aggregation-comparison/ SQL to Aggregation Map]. The JSON parameters for each stage follows the same structure from MongoDB examples. Example:<br />
<br />
MongoDB for the SQL "SELECT COUNT(*) AS count FROM orders":<br />
<br />
db.orders.aggregate( [<br />
{<br />
$group: {<br />
_id: null,<br />
count: { $sum: 1 }<br />
}<br />
}<br />
] )<br />
<br />
JSON Parameters:<br />
<br />
{ <br />
"stages": [<br />
{<br />
"group": {<br />
"_id": null,<br />
"count": { "$sum": 1 }<br />
}<br />
}<br />
]<br />
}<br />
<br />
or:<br />
<br />
{ <br />
"group": {<br />
"_id": null,<br />
"count": { "$sum": 1 }<br />
}<br />
}<br />
<br />
== Resource URL ==<br />
<br />
POST https://api.socialidnow.com/v1/marketing/datastore/schemas/:schema_name/objects/search<br />
<br />
== Parameters ==<br />
<br />
=== URL Parameters ===<br />
<br />
{|<br />
! align="left" width="200px" | schema_name<br />
| width="200px" | required<br />
| schema name.<br />
|}<br />
<br />
=== JSON Parameters ===<br />
<br />
{|<br />
! align="left" width="200px" | stages<br />
| width="200px" | optional<br />
| an array of hashes in the format stage:value<br />
|-<br />
! align="left" width="200px" | match<br />
| width="200px" | optional<br />
| a match stage<br />
|-<br />
! align="left" width="200px" | group<br />
| width="200px" | optional<br />
| a group stage<br />
|-<br />
! align="left" width="200px" | sort<br />
| width="200px" | optional<br />
| a sort stage<br />
|-<br />
! align="left" width="200px" | project<br />
| width="200px" | optional<br />
| a project stage<br />
|-<br />
! align="left" width="200px" | skip<br />
| width="200px" | optional<br />
| a skip stage<br />
|-<br />
! align="left" width="200px" | limit<br />
| width="200px" | optional<br />
| a limit stage<br />
|}<br />
<br />
== Authentication ==<br />
<br />
This API requires Account authentication. See [[Authentication]].<br />
<br />
== Response ==<br />
<br />
=== Response Status ===<br />
{|<br />
! align="left" width="200px" | ok (200)<br />
| The search was performed successfully.<br />
|-<br />
! align="left" width="200px" | unauthorized (401)<br />
| The authentication is wrong. See [[Authentication]].<br />
|-<br />
! align="left" width="200px" | not_found (404)<br />
| The schema was not found.<br />
|-<br />
! align="left" width="200px" | internal_server_error (500)<br />
| An unknown error happened.<br />
|}<br />
<br />
=== Response Body ===<br />
<br />
A successful search returns the following fields:<br />
<br />
{|<br />
! align="left" width="200px" | total<br />
| total amount of objects found.<br />
|-<br />
! align="left" width="200px" | count<br />
| amount of objects returned in this page.<br />
|-<br />
! align="left" width="200px" | offset<br />
| amount of discarded objects (page start).<br />
|-<br />
! align="left" width="200px" | results<br />
| array with object details.<br />
|}<br />
<br />
== Examples ==<br />
<br />
=== Request ===<br />
<br />
Returns all objects from the schema named "my_schema" which have the attribute "email" present:<br />
<br />
curl -iX POST 'https://api.socialidnow.com/v1/marketing/datastore/schemas/my_schema/objects/search' \<br />
-d "{\"match\":{\"email\":{\"\$exists\":true}}}" \<br />
-H 'Content-type: application/json' \<br />
--user 138:e8b9ca24f1b590af67e6271297d6e1f7226625d61c5b5daa1b2f215464e292cf<br />
<br />
=== Response ===<br />
<br />
==== Response Headers ====<br />
<br />
HTTP/1.1 200 Ok<br />
Status: 200<br />
<br />
==== Response Body ====<br />
<br />
{<br />
"total": 2,<br />
"count": 2,<br />
"offset": 0,<br />
"results": [<br />
{<br />
"object_id": "54481188e5cb7cffe4000003",<br />
"user_id": 340,<br />
"created_at": "2014-10-24T14:48:00Z",<br />
"updated_at": "2014-10-24T14:48:00Z",<br />
"email": "john@example.com",<br />
"second_field": 123<br />
},<br />
{ ... }<br />
]<br />
}</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=POST_datastore/schemas/:schema_name/objectsPOST datastore/schemas/:schema name/objects2019-05-10T19:21:54Z<p>Vicente.santos: </p>
<hr />
<div>== Description ==<br />
<br />
Creates a new Object for a Schema.<br />
<br />
== Resource URL ==<br />
<br />
POST https://api.socialidnow.com/v1/marketing/datastore/schemas/:schema_name/objects<br />
<br />
== Parameters ==<br />
<br />
=== URL Parameters ===<br />
<br />
{|<br />
! align="left" width="200px" | schema_name<br />
| width="200px" | required<br />
| schema name.<br />
|}<br />
<br />
=== JSON Parameters ===<br />
<br />
{|<br />
! align="left" width="200px" | object<br />
| width="200px" | required<br />
| a hash in the format field:value, with the necessary fields to create an object:<br />
|-<br />
! align="left" width="180px" style="padding-left: 20px" | user_id<br />
| width="200px" | required<br />
| user identifier.<br />
|-<br />
! align="left" width="180px" style="padding-left: 20px" | [fields]<br />
| width="200px" | optional<br />
| custom fields defined in the schema.<br />
|}<br />
<br />
== Authentication ==<br />
<br />
This API requires Account authentication. See [[Authentication]].<br />
<br />
== Response ==<br />
<br />
=== Response Status ===<br />
{|<br />
! align="left" width="200px" | created (201)<br />
| The object was created successfully.<br />
|-<br />
! align="left" width="200px" | bad_request (400)<br />
| Some required parameter was not informed.<br />
|-<br />
! align="left" width="200px" | unauthorized (401)<br />
| The authentication is wrong. See [[Authentication]].<br />
|-<br />
! align="left" width="200px" | not_found (404)<br />
| The schema was not found.<br />
|-<br />
! align="left" width="200px" | unprocessable_entity (422)<br />
| Validation error in the field "object".<br />
|-<br />
! align="left" width="200px" | internal_server_error (500)<br />
| An unknown error happened.<br />
|}<br />
<br />
== Examples ==<br />
<br />
=== Request ===<br />
<br />
Creates a new object for the schema named "first_schema".<br />
<br />
curl -iX POST 'https://api.socialidnow.com/v1/marketing/datastore/schemas/first_schema/objects' \<br />
-d '{<br />
"object": {<br />
"user_id": 340,<br />
"first_field": "First Object",<br />
"second_field": 123<br />
}<br />
}' \<br />
-H 'Content-type: application/json' \<br />
--user 138:e8b9ca24f1b590af67e6271297d6e1f7226625d61c5b5daa1b2f215464e292cf<br />
<br />
=== Response ===<br />
<br />
==== Response Headers ====<br />
<br />
HTTP/1.1 201 Created<br />
Location: 'https://api.socialidnow.com/v1/marketing/datastore/schemas/first_schema/objects/54481188e5cb7cffe4000003'<br />
Status: 201</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=GET_datastore/schemas/:schema_name/objectsGET datastore/schemas/:schema name/objects2019-05-10T19:21:26Z<p>Vicente.santos: </p>
<hr />
<div>== Description ==<br />
<br />
Returns all Objects from a Schema.<br />
<br />
== Resource URL ==<br />
<br />
GET https://api.socialidnow.com/v1/marketing/datastore/schemas/:schema_name/objects<br />
<br />
== Parameters ==<br />
<br />
=== URL Parameters ===<br />
<br />
{|<br />
! align="left" width="200px" | schema_name<br />
| width="200px" | required<br />
| schema name.<br />
|-<br />
! align="left" width="200px" | user_id<br />
| width="200px" | optional<br />
| user identifier to filter results.<br />
|}<br />
<br />
== Authentication ==<br />
<br />
This API requires Account authentication. See [[Authentication]].<br />
<br />
== Response ==<br />
<br />
=== Response Status ===<br />
{|<br />
! align="left" width="200px" | ok (200)<br />
| The search was performed successfully.<br />
|-<br />
! align="left" width="200px" | unauthorized (401)<br />
| The authentication is wrong. See [[Authentication]].<br />
|-<br />
! align="left" width="200px" | not_found (404)<br />
| The schema was not found.<br />
|-<br />
! align="left" width="200px" | internal_server_error (500)<br />
| An unknown error happened.<br />
|}<br />
<br />
=== Response Body ===<br />
<br />
A successful search returns the following fields:<br />
<br />
{|<br />
! align="left" width="200px" | total<br />
| total amount of objects found.<br />
|-<br />
! align="left" width="200px" | count<br />
| amount of objects returned in this page.<br />
|-<br />
! align="left" width="200px" | offset<br />
| amount of discarded objects (page start).<br />
|-<br />
! align="left" width="200px" | results<br />
| array with object details.<br />
|}<br />
<br />
== Examples ==<br />
<br />
=== Request ===<br />
<br />
Returns all objects from the schema named "first_schema".<br />
<br />
curl -iX GET 'https://api.socialidnow.com/v1/marketing/datastore/schemas/first_schema/objects' \<br />
-H 'Content-type: application/json' \<br />
--user 138:e8b9ca24f1b590af67e6271297d6e1f7226625d61c5b5daa1b2f215464e292cf<br />
<br />
=== Response ===<br />
<br />
==== Response Headers ====<br />
<br />
HTTP/1.1 200 Ok<br />
Status: 200<br />
<br />
==== Response Body ====<br />
<br />
{<br />
"total": 2,<br />
"count": 2,<br />
"offset": 0,<br />
"results": [<br />
{<br />
"object_id": "54481188e5cb7cffe4000003",<br />
"user_id": 340,<br />
"created_at": "2014-10-24T14:48:00Z",<br />
"updated_at": "2014-10-24T14:48:00Z",<br />
"first_field": "First Object",<br />
"second_field": 123<br />
},<br />
{ ... }<br />
]<br />
}</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=DELETE_datastore/schemas/:schema_nameDELETE datastore/schemas/:schema name2019-05-10T19:20:51Z<p>Vicente.santos: </p>
<hr />
<div>== Description ==<br />
<br />
Removes a Schema.<br />
<br />
== Resource URL ==<br />
<br />
DELETE https://api.socialidnow.com/v1/marketing/datastore/schemas/:schema_name<br />
<br />
== Parameters ==<br />
<br />
=== URL Parameters ===<br />
<br />
{|<br />
! align="left" width="200px" | schema_name<br />
| width="200px" | required<br />
| schema name.<br />
|}<br />
<br />
== Authentication ==<br />
<br />
This API requires Account authentication. See [[Authentication]].<br />
<br />
== Response ==<br />
<br />
=== Response Status ===<br />
{|<br />
! align="left" width="200px" | ok (200)<br />
| The schema was removed successfully.<br />
|-<br />
! align="left" width="200px" | unauthorized (401)<br />
| The authentication is wrong. See [[Authentication]].<br />
|-<br />
! align="left" width="200px" | not_found (404)<br />
| The schema was not found.<br />
|-<br />
! align="left" width="200px" | internal_server_error (500)<br />
| An unknown error happened.<br />
|}<br />
<br />
== Examples ==<br />
<br />
=== Request ===<br />
<br />
Removes the schema named "first_schema".<br />
<br />
curl -iX DELETE 'https://api.socialidnow.com/v1/marketing/datastore/schemas/first_schema' \<br />
-H 'Content-type: application/json' \<br />
--user 138:e8b9ca24f1b590af67e6271297d6e1f7226625d61c5b5daa1b2f215464e292cf<br />
<br />
=== Response ===<br />
<br />
==== Response Headers ====<br />
<br />
HTTP/1.1 200 Ok<br />
Status: 200</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=PUT_datastore/schemas/:schema_namePUT datastore/schemas/:schema name2019-05-10T19:18:03Z<p>Vicente.santos: </p>
<hr />
<div>== Description ==<br />
<br />
Updates a Schema.<br />
<br />
== Resource URL ==<br />
<br />
PUT https://api.socialidnow.com/v1/marketing/datastore/schemas/:schema_name<br />
<br />
== Parameters ==<br />
<br />
=== URL Parameters ===<br />
<br />
{|<br />
! align="left" width="200px" | schema_name<br />
| style="width:200px" | required<br />
| schema name.<br />
|}<br />
<br />
=== JSON Parameters ===<br />
<br />
{|<br />
! width="200px" align="left" | schema<br />
| width="200px" | required<br />
| a hash in the format: field:value, with the necessary fields to update the schema:<br />
|-<br />
! align="left" width="180px" style="padding-left: 20px" | name<br />
| width="200px" | optional<br />
| schema name.<br />
|-<br />
! align="left" width="160px" style="padding-left: 20px" | fields<br />
| width="200px" | optional<br />
| an array of hashes in the format field:value, with the necessary fields to create a field: ('''Important''': if this field is informed, it will replace all the existing fields of the schema)<br />
|-<br />
! align="left" width="160px" style="padding-left: 40px" | name<br />
| width="200px" | required<br />
| field name.<br />
|-<br />
! align="left" width="160px" style="padding-left: 40px" | type<br />
| width="200px" | required<br />
| field type (array, boolean, date, date_time, float, hash, integer, string, time).<br />
|-<br />
! align="left" width="160px" style="padding-left: 40px" | unique<br />
| width="200px" | optional<br />
| whether the field must be unique or not.<br />
|}<br />
<br />
== Authentication ==<br />
<br />
This API requires Account authentication. See [[Authentication]].<br />
<br />
== Response ==<br />
<br />
=== Response Status ===<br />
{|<br />
! align="left" width="200px" | ok (200)<br />
| The schema was updated successfully.<br />
|-<br />
! align="left" width="200px" | bad_request (400)<br />
| Some required parameter was not informed.<br />
|-<br />
! align="left" width="200px" | unauthorized (401)<br />
| The authentication is wrong. See [[Authentication]].<br />
|-<br />
! align="left" width="200px" | not_found (404)<br />
| The schema was not found.<br />
|-<br />
! align="left" width="200px" | unprocessable_entity (422)<br />
| Validation error in the field "schema".<br />
|-<br />
! align="left" width="200px" | internal_server_error (500)<br />
| An unknown error happened.<br />
|}<br />
<br />
== Examples ==<br />
<br />
=== Request ===<br />
<br />
Updates the schema named "first_schema".<br />
<br />
curl -iX PUT 'https://api.socialidnow.com/v1/marketing/datastore/schemas/first_schema' \<br />
-d '{<br />
"schema": {<br />
"name":"new_first_schema"<br />
}<br />
}' \<br />
-H 'Content-type: application/json' \<br />
--user 138:e8b9ca24f1b590af67e6271297d6e1f7226625d61c5b5daa1b2f215464e292cf<br />
<br />
=== Response ===<br />
<br />
==== Response Headers ====<br />
<br />
HTTP/1.1 200 Ok<br />
Status: 200</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=GET_datastore/schemas/:schema_nameGET datastore/schemas/:schema name2019-05-10T19:17:26Z<p>Vicente.santos: </p>
<hr />
<div>== Description ==<br />
<br />
Returns a specific Schema.<br />
<br />
== Resource URL ==<br />
<br />
GET https://api.socialidnow.com/v1/marketing/datastore/schemas/:schema_name<br />
<br />
== Parameters ==<br />
<br />
=== URL Parameters ===<br />
<br />
{|<br />
! align="left" width="200px" | schema_name<br />
| width="200px" | required<br />
| schema name.<br />
|}<br />
<br />
== Authentication ==<br />
<br />
This API requires Account authentication. See [[Authentication]].<br />
<br />
== Response ==<br />
<br />
=== Response Status ===<br />
{|<br />
! align="left" width="200px" | ok (200)<br />
| The request was successful.<br />
|-<br />
! align="left" width="200px" | unauthorized (401)<br />
| The authentication is wrong. See [[Authentication]].<br />
|-<br />
! align="left" width="200px" | not_found (404)<br />
| The schema was not found.<br />
|-<br />
! align="left" width="200px" | internal_server_error (500)<br />
| An unknown error happened.<br />
|}<br />
<br />
=== Response Body ===<br />
<br />
{|<br />
! align="left" width="180px" | name<br />
| schema name.<br />
|-<br />
! align="left" width="180px" | fields<br />
| array of hashes with fields description:<br />
|-<br />
! align="left" width="180px" style="padding-left: 20px" | name<br />
| field name.<br />
|-<br />
! align="left" width="180px" style="padding-left: 20px" | type<br />
| field type.<br />
|-<br />
! align="left" width="180px" style="padding-left: 20px" | unique<br />
| whether the field is unique.<br />
|-<br />
! align="left" width="180px" | created_at<br />
| date of schema creation.<br />
|-<br />
! align="left" width="180px" | updated_at<br />
| date of schema latest update.<br />
|}<br />
<br />
== Examples ==<br />
<br />
=== Request ===<br />
<br />
Returns information of the schema named "first_schema".<br />
<br />
curl -iX GET 'https://api.socialidnow.com/v1/marketing/datastore/schemas/first_schema' \<br />
-H 'Content-type: application/json' \<br />
--user 138:e8b9ca24f1b590af67e6271297d6e1f7226625d61c5b5daa1b2f215464e292cf<br />
<br />
=== Response ===<br />
<br />
==== Response Headers ====<br />
<br />
HTTP/1.1 200 Ok<br />
Status: 200<br />
<br />
==== Response Body ====<br />
<br />
{<br />
"name": "first_schema",<br />
"fields": [<br />
{<br />
"name": "first_field",<br />
"type": "string",<br />
"unique": false<br />
},<br />
{<br />
"name": "second_field",<br />
"type": "integer",<br />
"unique": true<br />
},<br />
{<br />
"name": "third_field",<br />
"type": "date_time",<br />
"unique": false<br />
}<br />
],<br />
"created_at": "2014-10-24T12:15:00Z",<br />
"updated_at": "2014-10-24T12:15:00Z"<br />
}</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=POST_datastore/schemasPOST datastore/schemas2019-05-10T19:17:08Z<p>Vicente.santos: </p>
<hr />
<div>== Description ==<br />
<br />
Creates a new Schema.<br />
<br />
== Resource URL ==<br />
<br />
POST https://api.socialidnow.com/v1/marketing/datastore/schemas<br />
<br />
== Parameters ==<br />
<br />
=== JSON Parameters ===<br />
<br />
{|<br />
! align="left" width="160px" | schema<br />
| width="200px" | required<br />
| a hash in the format field:value, with the necessary fields to create a schema:<br />
|-<br />
! align="left" width="160px" style="padding-left: 20px" | name<br />
| width="200px" | required<br />
| schema name.<br />
|-<br />
! align="left" width="160px" style="padding-left: 20px" | fields<br />
| width="200px" | optional<br />
| an array of hashes in the format field:value, with the necessary fields to create a field:<br />
|-<br />
! align="left" width="160px" style="padding-left: 40px" | name<br />
| width="200px" | required<br />
| field name.<br />
|-<br />
! align="left" width="160px" style="padding-left: 40px" | type<br />
| width="200px" | required<br />
| field type (array, boolean, date, date_time, float, hash, integer, string, time).<br />
|-<br />
! align="left" width="160px" style="padding-left: 40px" | unique<br />
| width="200px" | optional<br />
| whether the field must be unique or not. Default: false<br />
|}<br />
<br />
== Authentication ==<br />
<br />
This API requires Account authentication. See [[Authentication]].<br />
<br />
== Response ==<br />
<br />
=== Response Status ===<br />
{|<br />
! align="left" width="200px" | created (201)<br />
| The schema was created successfully.<br />
|-<br />
! align="left" width="200px" | bad_request (400)<br />
| Some required parameter was not informed.<br />
|-<br />
! align="left" width="200px" | unauthorized (401)<br />
| The authentication is wrong. See [[Authentication]].<br />
|-<br />
! align="left" width="200px" | unprocessable_entity (422)<br />
| Validation error in the field "schema".<br />
|-<br />
! align="left" width="200px" | internal_server_error (500)<br />
| An unknown error happened.<br />
|}<br />
<br />
== Examples ==<br />
<br />
=== Request ===<br />
<br />
Creates a new schema named "first_schema" with two fields, one named "first_field" with "string" type and another one named "second_field" with "integer" type.<br />
<br />
curl -iX POST 'https://api.socialidnow.com/v1/marketing/datastore/schemas' \<br />
-d '{<br />
"schema": {<br />
"name":"first_schema",<br />
"fields":[<br />
{ "name":"first_field", "type":"string" },<br />
{ "name":"second_field", "type":"integer", "unique": true },<br />
{ "name":"third_field", "type":"date_time", "unique": false }<br />
]<br />
}<br />
}' \<br />
-H 'Content-type: application/json' \<br />
--user 138:e8b9ca24f1b590af67e6271297d6e1f7226625d61c5b5daa1b2f215464e292cf<br />
<br />
=== Response ===<br />
<br />
==== Response Headers ====<br />
<br />
HTTP/1.1 201 Created<br />
Location: 'https://api.socialidnow.com/v1/marketing/datastore/schemas/first_schema'<br />
Status: 201</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=GET_datastore/schemasGET datastore/schemas2019-05-10T19:16:43Z<p>Vicente.santos: </p>
<hr />
<div>== Description ==<br />
<br />
Returns all Schemas from the Account.<br />
<br />
== Resource URL ==<br />
<br />
GET https://api.socialidnow.com/v1/marketing/datastore/schemas<br />
<br />
== Authentication ==<br />
<br />
This API requires Account authentication. See [[Authentication]].<br />
<br />
== Response ==<br />
<br />
=== Response Status ===<br />
{|<br />
! align="left" width="200px" | ok (200)<br />
| The search was performed successfully.<br />
|-<br />
! align="left" width="200px" | unauthorized (401)<br />
| The authentication is wrong. See [[Authentication]].<br />
|-<br />
! align="left" width="200px" | internal_server_error (500)<br />
| An unknown error happened.<br />
|}<br />
<br />
=== Response Body ===<br />
<br />
A successful search returns the following fields:<br />
<br />
{|<br />
! align="left" width="200px" | total<br />
| total amount of schemas found.<br />
|-<br />
! align="left" width="200px" | count<br />
| amount of schemas returned in this page.<br />
|-<br />
! align="left" width="200px" | offset<br />
| amount of discarded schemas (page start).<br />
|-<br />
! align="left" width="200px" | results<br />
| array with schema details.<br />
|}<br />
<br />
== Examples ==<br />
<br />
=== Request ===<br />
<br />
curl -iX GET 'https://api.socialidnow.com/v1/marketing/datastore/schemas' \<br />
-H 'Content-type: application/json' \<br />
--user 138:e8b9ca24f1b590af67e6271297d6e1f7226625d61c5b5daa1b2f215464e292cf<br />
<br />
=== Response ===<br />
<br />
==== Response Headers ====<br />
<br />
HTTP/1.1 200 Ok<br />
Status: 200<br />
<br />
==== Response Body ====<br />
<br />
{<br />
"total": 2,<br />
"count": 2,<br />
"offset": 0,<br />
"results": [<br />
{<br />
"name": "first_schema",<br />
"fields": [<br />
{<br />
"name": "first_field",<br />
"type": "string",<br />
"unique": false<br />
},<br />
{<br />
"name": "second_field",<br />
"type": "integer",<br />
"unique": true<br />
},<br />
{<br />
"name": "third_field",<br />
"type": "date_time",<br />
"unique": false<br />
}<br />
],<br />
"created_at": "2014-10-24T12:15:00Z",<br />
"updated_at": "2014-10-24T12:15:00Z"<br />
},<br />
{ ... }<br />
]<br />
}</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=User_GuidesUser Guides2019-05-10T18:53:45Z<p>Vicente.santos: </p>
<hr />
<div>== Social Apps ==<br />
<br />
*[[Facebook Social App User Guide]]<br />
*[[Google Social App User Guide]]<br />
*[[Linkedin Social App User Guide]]<br />
*[[Twitter Social App User Guide]]<br />
<br />
== Social Login ==<br />
<br />
*[[Social Login User Guide]]<br />
*[[Single Sign On User Guide]]<br />
*[[Social Login Tokens|Understand the tokens used on Social Login]]<br />
*[[Facebook Application Settings | How to configure a Facebook application]]<br />
*[[Social Profile Fields| List of information captured on Social Networks]]<br />
*[[Login App Security Settings]]<br />
*[[Cross-Origin Authentication using Javascript APIs]]<br />
<br />
== Engagement Engine ==<br />
<br />
*[[Web Push Notifications User Guide]]<br />
<br />
== IBM Partner ==<br />
<br />
CoffeeBean Technology is an [http://www.coffeebeantech.com/integrations/ibm-marketing-cloud IBM global partner] offering the Identity and Access Platform as a solution for [http://www-304.ibm.com/partnerworld/gsd/solutiondetails.do?&solution=53119&lc=en Watson Marketing] and [http://www-304.ibm.com/partnerworld/gsd/solutiondetails.do?&solution=54340&lc=en Watson Commerce].<br />
<br />
We provide the following user guides:<br />
<br />
*[[IBM UBX Integration Guide|IBM Universal Behavior Exchange and IBM Marketing Cloud integration guide]]<br />
*[[Social-ID & IBM Sandbox Guide|Social-ID & IBM Sandbox Guide]]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Main_PageMain Page2019-05-10T18:50:10Z<p>Vicente.santos: </p>
<hr />
<div>[[Image:socialid.png|right|200px|Social ID]]<br />
<br />
Welcome to the CoffeeBean Identity and Access Platform Developers site.<br />
<br />
Get started with the following resources:<br />
<br />
* [[User Guides]]: contains detailed descriptions about how to configure, install and use our products.<br />
* [[RESTful APIs]]: contains detailed descriptions about all APIs available for integration.<br />
* [[Javascript APIs]]: contains detailed descriptions about all Javascript APIs available for integration.<br />
* [[Mobile SDKs]]: contains documentation and download links for our iOS and Android SDKs.<br />
* [[Examples]]: contains live examples showing our products in practice.<br />
* [[Social-ID Wi-Fi]]: contains documentation to configure Captive Portals on supported vendors.</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=AuthenticationAuthentication2019-05-10T14:34:47Z<p>Vicente.santos: </p>
<hr />
<div>All CoffeeBean Restful APIs make use of HTTP Basic for authentication.<br />
<br />
Most APIs require authentication through the id/secret pair of an Account or a Login App. <br />
<br />
However, some APIs may be used without any authentication. An example is the login/info API, which only requires the Login App secret that can be found in the Social Login App settings.<br />
<br />
= Account Authentication =<br />
<br />
Each Account has its own id/secret pair to access available APIs.<br />
<br />
<b>This authentication must be used only on server applications (backend), never on client applications (frontend/mobile).</b><br />
<br />
== How to get Account id/secret pair? ==<br />
<br />
Once you log into the CoffeeBean Identity and Access Platform and set up an Account, access keys can be found in the following URL:<br />
<br />
https://app.socialidnow.com/marketing/apis<br />
<br />
== Example ==<br />
<br />
curl --user <api_id>:<api_secret> <nowiki>https://api.socialidnow.com/<path></nowiki><br />
<br />
= Login App Authentication =<br />
<br />
Each Login App has its own id/secret pair to access available APIs. In those APIs the information created or retrieved will always be associated with the Login App used for authentication.<br />
<br />
<b>This authentication must be used only on server applications (backend), never on client applications (frontend/mobile).</b><br />
<br />
== How to get Login App id/secret pair? ==<br />
<br />
Each Login App has an API area where access keys can be found:<br />
<br />
[https://app.socialidnow.com/marketing/login/apps/login_app_id/apis https://app.socialidnow.com/marketing/login/apps/<login_app_id>/apis]<br />
<br />
The App id is in the url (<login_app_id>). The App secret is the "API secret" key.<br />
<br />
== Example ==<br />
<br />
curl --user <login_app_id>:<api_secret> <nowiki>https://api.socialidnow.com/<path></nowiki><br />
<br />
= Login App Client Authentication =<br />
<br />
Each Login App has its own id/client secret pair to access available APIs. In those APIs the information created or retrieved will always be associated with the Login App used for authentication.<br />
<br />
<b>This authentication may be used on server applications (backend) or client applications (frontend/mobile).</b><br />
<br />
== How to get Login App id/client secret pair? ==<br />
<br />
Each Login App has an API area where access keys can be found:<br />
<br />
[https://app.socialidnow.com/marketing/login/apps/login_app_id/apis https://app.socialidnow.com/marketing/login/apps/<login_app_id>/apis]<br />
<br />
The App id is in the url (<login_app_id>). The App client secret is the "API client secret" key.<br />
<br />
== Example ==<br />
<br />
curl --user <login_app_id>:<api_client_secret> <nowiki>https://api.socialidnow.com/<path></nowiki><br />
<br />
= Wi-Fi API Authentication =<br />
<br />
Each Wi-Fi Account has its own id/secret pair to access available APIs.<br />
<br />
<b>This authentication must be used only on server applications (backend), never on client applications (frontend/mobile).</b><br />
<br />
== How to get Wi-Fi API id/secret pair? ==<br />
<br />
Once you log into the CoffeeBean Wi-Fi platform and set up your account, API credentials can be found in the following URL:<br />
<br />
https://wifi.socialidnow.com/admin/account/edit<br />
<br />
== Example ==<br />
<br />
curl --user <wifi_api_id>:<wifi_api_secret> <nowiki>https://wifi.socialidnow.com/<path></nowiki></div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Campaign_APIsCampaign APIs2019-05-10T13:45:47Z<p>Vicente.santos: </p>
<hr />
<div><span style="color: red; font-weight: bold">Deprecation notice:</span> these APIs have been deprecated since July 19, 2018.<br />
<br />
The CoffeeBean Identity and Access Platform allows the creation of custom Webforms to be used in marketing campaigns or any information collector in websites.<br />
<br />
Webforms are integrated into the Social Login and can be described by a 3-step workflow:<br />
* User identification through Social Login or e-mail based registration.<br />
* User filling out custom forms.<br />
* Registration confirmations, with notification that can be customized in the platform.<br />
<br />
The platform delivers a customizable widget that automatically performs the steps above. However, if you need a more flexible customization of the interface, the platform provides an API to allow an easier integration. See also the [[Social Login APIs]].<br />
<br />
== Registrations ==<br />
<br />
A Webform can have one or more registrations for the same user identified through Social Login or e-mail. This option can be customized during Webform set up.<br />
<br />
{|<br />
! align="left" width="300px"| Resource<br />
! align="left"| Description<br />
|-<br />
| [[POST campaigns/:campaign_id/registrations]]<br />
| Creates a new registration in the Social Login Webform, according to the custom field definition.<br />
|}</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=OAuth_APIsOAuth APIs2019-05-10T13:40:06Z<p>Vicente.santos: </p>
<hr />
<div>Some CoffeeBean APIs require OAuth 2.0 authentication instead of HTTP Basic.<br />
<br />
In order to access them one needs first to request an access token through the '''Token Endpoint'''. Each access token has its own scope and allows a certain set of APIs.<br />
<br />
At the moment, OAuth authenticated APIs require either '''Login User Token''' or '''Login App Token''' authentication. See '''Token Endpoint''' below to instructions on how to get each kind of token.<br />
<br />
Please, refer to https://tools.ietf.org/html/rfc6749 if you are not familiar with the OAuth 2.0 protocol.<br />
<br />
== Token Endpoint ==<br />
<br />
{|<br />
! align="left" width="300px"| Resource<br />
! align="left" width="200px"| Grant Type<br />
! align="left"| Description<br />
|-<br />
| [[POST /oauth/token_password | POST /oauth/token]]<br />
| password<br />
| Generates a new Login User Token given a combination of username/email_address and password.<br />
|-<br />
| [[POST /oauth/token_provider_credentials | POST /oauth/token]]<br />
| provider_credentials<br />
| Generates a new Login User Token given an OAuth token issued by an external provider.<br />
|-<br />
| [[POST /oauth/token_provider_authorization_code | POST /oauth/token]]<br />
| provider_authorization_code<br />
| Generates a new Login User Token given an OAuth2 authorization code issued by an external provider.<br />
|-<br />
| [[POST /oauth/token_user_id | POST /oauth/token]]<br />
| user_id<br />
| Generates a new Login User Token given a user id.<br />
|-<br />
| [[POST /oauth/token_client_credentials | POST /oauth/token]]<br />
| client_credentials<br />
| Generates a new Login App Token.<br />
|-<br />
| [[POST /oauth/token_refresh_token | POST /oauth/token]]<br />
| refresh_token<br />
| Refreshes an access token, generating a new one.<br />
|}<br />
<br />
== Users ==<br />
<br />
{|<br />
! align="left" width="300px"| Resource<br />
! align="left"| Description<br />
|-<br />
| [[GET /oauth/login/user | GET login/user]]<br />
| Returns user information, including his/her profile (if required).<br />
|-<br />
| [[POST oauth/login/users | POST login/users]]<br />
| Creates a new user manually, given username and/or e-mail.<br />
|-<br />
| [[PUT oauth/login/user | PUT login/user]]<br />
| Updates username/e-mail/password information of an user.<br />
|-<br />
| [[POST oauth/login/users/reset_password_email | POST login/users/reset_password_email]]<br />
| Sends a reset password e-mail for a user given its username or e-mail.<br />
|-<br />
| [[PUT oauth/login/user/unlock | PUT login/user/unlock]]<br />
| Unlocks a user for login.<br />
|}<br />
<br />
== User Data ==<br />
<br />
{|<br />
! align="left" width="300px"| Resource<br />
! align="left"| Description<br />
|-<br />
| [[GET oauth/login/user/data | GET login/user/data]]<br />
| Returns user custom profile information.<br />
|-<br />
| [[PUT oauth/login/user/data | PUT login/user/data]]<br />
| Updates user custom profile information.<br />
|}<br />
<br />
== Devices ==<br />
<br />
{|<br />
! align="left" width="300px"| Resource<br />
! align="left"| Description<br />
|-<br />
| [[POST oauth/push_notifications/devices | POST push_notifications/devices]]<br />
| Adds a new device to the Social Login App devices list.<br />
|-<br />
| [[POST oauth/login/user/push_notifications/devices | POST login/user/push_notifications/devices]]<br />
| Relates a device with a Social Login User.<br />
|}</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Datastore_APIsDatastore APIs2019-05-10T13:34:24Z<p>Vicente.santos: </p>
<hr />
<div>== Schemas ==<br />
<br />
{|<br />
! align="left" width="400px"| Resource<br />
! align="left"| Description<br />
|-<br />
| [[GET datastore/schemas]]<br />
| Returns all Schemas from the Account.<br />
|-<br />
| [[POST datastore/schemas]]<br />
| Creates a new Schema.<br />
|-<br />
|[[GET datastore/schemas/:schema_name]]<br />
| Returns a specific Schema.<br />
|-<br />
|[[PUT datastore/schemas/:schema_name]]<br />
| Updates a Schema.<br />
|-<br />
|[[DELETE datastore/schemas/:schema_name]]<br />
| Removes a Schema.<br />
|}<br />
<br />
== Objects ==<br />
<br />
{|<br />
! align="left" width="400px"| Resource<br />
! align="left"| Description<br />
|-<br />
| [[GET datastore/schemas/:schema_name/objects]]<br />
| Returns all Objects from a Schema.<br />
|-<br />
| [[POST datastore/schemas/:schema_name/objects]]<br />
| Creates a new Object for a Schema.<br />
|-<br />
| [[POST datastore/schemas/:schema_name/objects/search]]<br />
| Searches for Objects in the Schema.<br />
|-<br />
|[[GET datastore/schemas/:schema_name/objects/:id]]<br />
| Returns a specific Object.<br />
|-<br />
|[[PUT datastore/schemas/:schema_name/objects/:id]]<br />
| Updates an Object.<br />
|-<br />
|[[DELETE datastore/schemas/:schema_name/objects/:id]]<br />
| Removes an Object.<br />
|-<br />
|[[DELETE datastore/schemas/:schema_name/users/:user_id/objects]]<br />
| Removes all objects from an User.<br />
|}</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Automation_Engine_APIsAutomation Engine APIs2019-05-10T13:27:08Z<p>Vicente.santos: </p>
<hr />
<div>== Triggers ==<br />
<br />
{|<br />
! align="left" width="350px"| Resource<br />
! align="left"| Description<br />
|-<br />
| [[POST rule_engine/triggers]]<br />
| Trigger an event for a Login App user.<br />
|}</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Push_Notification_APIsPush Notification APIs2019-05-10T13:26:28Z<p>Vicente.santos: </p>
<hr />
<div>== Devices ==<br />
<br />
{|<br />
! align="left" width="350px"| Resource<br />
! align="left"| Description<br />
|-<br />
| [[POST push_notifications/devices]]<br />
| Adds a new device to the Login App devices list.<br />
|-<br />
| [[PUT push_notifications/devices/:id/link_to/:login_user_id]]<br />
| Relates a device with a Login App user.<br />
|}<br />
<br />
== Push Notifications ==<br />
<br />
{|<br />
! align="left" width="350px"| Resource<br />
! align="left"| Description<br />
|-<br />
| [[POST push_notifications/devices/:id/publish]]<br />
| Sends a push notification to a device.<br />
|-<br />
|[[POST push_notifications/login/apps/publish]]<br />
| Sends a push notification to all devices of a Login App.<br />
|-<br />
|[[POST push_notifications/login/users/:id/publish]]<br />
| Sends a push notification to all devices of a Login user.<br />
|}</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Android_SDK_SetupAndroid SDK Setup2019-05-10T13:17:54Z<p>Vicente.santos: </p>
<hr />
<div>= Configure CoffeeBean SDK in your app =<br />
<br />
You'll need 3 variables to configure the SDK:<br />
<br />
* SENDER_ID: Set up a project on Google Developers Console - https://console.developers.google.com/project. Get your project number. This will be used as the SENDER_ID in the SDK.<br />
* LOGIN_APP_ID: Set up a CoffeeBean LoginApp at: https://app.socialidnow.com/marketing/login/apps. Your key is the id of the app. This will be used as the LOGIN_APP_ID in the SDK.<br />
* LOGIN_APP_CLIENT_SECRET: The client secret can be found on the Call the API menu - https://app.socialidnow.com/marketing/login/apps/APP_ID/apis. This will be used as the LOGIN_APP_CLIENT_SECRET in the SDK.<br />
<br />
== Download the SDK == <br />
<br />
[[Android_SDK_Download|Download the SDK]]<br />
<br />
Import the AAR file into your existing AndroidStudio as a new module and update your project and app .gradle files to include the new module.<br />
<br />
Project ''settings.gradle'' file:<br />
<br />
include ':socialidsdk'<br />
<br />
App specific ''app/build.gradle'' file:<br />
<br />
dependencies {<br />
implementation project(':socialidsdk')<br />
}<br />
<br />
== Android Manifest ==<br />
<br />
Add the following definitions to AndroidManifest.xml immediately before opening the ''<application>'' tag:<br />
<br />
<uses-permission android:name="android.permission.INTERNET" /><br />
<uses-permission android:name="android.permission.USE_CREDENTIALS" /><br />
<br />
<nowiki><!-- BEGIN: use this if you need push notification support --></nowiki><br />
<uses-permission android:name="android.permission.WAKE_LOCK" /><br />
<uses-permission android:name="android.permission.VIBRATE" /><br />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /><br />
<uses-permission android:name="com.google.android.c2dm.permission.RECEIVE" /><br />
<uses-permission android:name="com.YOUR_PACKAGE.C2D_MESSAGE" /><br />
<nowiki><!-- END: use this if you need push notification support --></nowiki><br />
<br />
Add the following definitions to AndroidManifest.xml inside the ''<application>'' tag:<br />
<br />
<nowiki><!-- BEGIN: use this if you need push notification support --></nowiki><br />
<receiver<br />
android:name="com.coffeebeantech.socialidsdk.notification.NotificationReceiver"<br />
android:permission="com.google.android.c2dm.permission.SEND" ><br />
<intent-filter><br />
<action android:name="com.google.android.c2dm.intent.RECEIVE" /><br />
<category android:name="com.YOUR_PACKAGE" /><br />
</intent-filter><br />
</receiver><br />
<receiver<br />
android:name="com.coffeebeantech.socialidsdk.registration.ConnectivityMonitor"<br />
android:enabled="false" ><br />
<intent-filter><br />
<action android:name="android.net.conn.CONNECTIVITY_CHANGE" /><br />
<category android:name="com.YOUR_PACKAGE" /><br />
</intent-filter><br />
</receiver><br />
<service android:name="com.coffeebeantech.socialidsdk.notification.NotificationService" /><br />
<service android:name="com.coffeebeantech.socialidsdk.registration.RegistrationService" /><br />
<nowiki><!-- END: use this if you need push notification support --></nowiki><br />
<br />
== Resources ==<br />
<br />
Add the following variables to your resources file:<br />
<br />
<nowiki><!-- Social Id configuration --></nowiki><br />
<string name="login_app_id">LOGIN_APP_ID</string>;<br />
<string name="login_app_client_secret">LOGIN_APP_CLIENT_SECRET</string>;<br />
<br />
<nowiki><!-- Google Project Number (if you need push notification support) --></nowiki><br />
<string name="sender_id">SENDER_ID</string>;<br />
<br />
== Usage ==<br />
<br />
Add the following import statements to your Activity:<br />
<br />
import com.coffeebeantech.socialidsdk.SocialId;<br />
import com.coffeebeantech.socialidsdk.notification.NotificationParameters;<br />
<br />
At your Activity onCreate method, call SocialId.configLoginProviders with the desired providers configuration and then call SocialId.config to set your Social-ID configuration using the resources set before:<br />
<br />
// pass the providers configuration that will be set<br />
SocialId.configLoginProviders(facebookConfiguration, gplusConfiguration, linkedinConfiguration, twitterConfiguration, emailConfiguration);<br />
<br />
// with push notifications support<br />
SocialId.config(this, "SENDER_ID", "LOGIN_APP_ID", "LOGIN_APP_CLIENT_SECRET");<br />
// without push notifications support<br />
SocialId.config(this, "LOGIN_APP_ID", "LOGIN_APP_CLIENT_SECRET");<br />
<br />
= Add Facebook Login to your app =<br />
<br />
Before starting to add the Facebook SDK, you must allow your Facebook App to receive requests from your Android project.<br />
<br />
* At the Facebook for developers page, find your Facebook App at [https://developers.facebook.com/apps/ My Apps]<br />
* Go to Settings > Basic<br />
* At the end of page click on "Add a Platform" and then select "Android"<br />
* Add your project package name at "Google Play Package Name" and your default activity class name at "Class Name"<br />
* Export your Development Key Hash using the instructions for your operating system, add the exported key to "Key Hashes" and then "Save Changes" to proceed to next steps<br />
: MacOS<br />
$ keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore | openssl sha1 -binary | openssl base64 <br />
: Windows<br />
: You need the folowing:<br />
:* Key and Certificate Management Tool ('''keytool''') from the Java Development Kit<br />
:* [https://code.google.com/archive/p/openssl-for-windows/downloads openssl-for-windows] openssl library for Windows from the Google Code Archive<br />
$ keytool -exportcert -alias androiddebugkey -keystore "C:\Users\USERNAME\.android\debug.keystore" | "PATH_TO_OPENSSL_LIBRARY\bin\openssl" sha1 -binary | "PATH_TO_OPENSSL_LIBRARY\bin\openssl" base64<br />
<br />
Add the Facebook maven repository to your ''app/build.gradle'' before the ''dependencies'' area and add the latest Facebook SDK dependency to your list of dependencies:<br />
<br />
repositories {<br />
mavenCentral() <br />
}<br />
<br />
dependencies { <br />
implementation 'com.facebook.android:facebook-android-sdk:4.40.0'<br />
}<br />
<br />
== Android Manifest ==<br />
<br />
Add the Facebook ApplicationId that will be used in your AndroidManifest.xml inside the <application> tag as following:<br />
<br />
<meta-data<br />
android:name="com.facebook.sdk.ApplicationId"<br />
android:value="@string/facebook_app_id" /><br />
<br />
<nowiki><!-- If you want to make changes to the Facebook Login Activity you can do changes using de tag below --></nowiki><br />
<activity android:name="com.facebook.FacebookActivity"<br />
android:configChanges="keyboard|keyboardHidden|screenLayout|screenSize|orientation"<br />
android:label="@string/app_name" /><br />
</activity><br />
<br />
== Resources ==<br />
<br />
Add the following variables to your resources file:<br />
<br />
<!-- Facebook App ID --><br />
<string name="facebook_app_id">FACEBOOK_APP_ID</string><br />
<br />
<string-array name="facebook_permissions"><br />
<item>public_profile</item><br />
<item>user_birthday</item><br />
<item>email</item><br />
<item>user_location</item><br />
</string-array><br />
<br />
== Usage ==<br />
<br />
Initializes a new Facebook configuration and set the permissions:<br />
<br />
// Facebook configuration<br />
FacebookConfiguration facebookConfiguration = new FacebookConfiguration()<br />
.setPermissions("FACEBOOK_PERMISSIONS");<br />
<br />
= Add Twitter Login to your app =<br />
<br />
Add the '''twittersdk://''' to your [https://developer.twitter.com/en/apps Twitter App] Callback URLs to allow an Android project to use it.<br />
<br />
Add the Twitter JCenter repository to your app/build.gradle before the dependencies area and add the Twitter SDK dependency to your list of dependencies:<br />
<br />
repositories {<br />
jcenter()<br />
}<br />
<br />
dependencies {<br />
implementation('com.twitter.sdk.android:twitter:3.1.1') {<br />
transitive = true;<br />
}<br />
}<br />
<br />
== Resources ==<br />
<br />
<!-- Twitter Credentials --><br />
<string name="twitter_key">TWITTER_KEY</string><br />
<string name="twitter_secret">TWITTER_SECRET</string><br />
<br />
== Usage ==<br />
<br />
Initializes a new Twitter configuration and set the credentials:<br />
<br />
// Twitter configuration<br />
TwitterConfiguration twitterConfiguration = new TwitterConfiguration()<br />
.setTwitterKey("TWITTER_KEY")<br />
.setTwitterSecret("TWITTER_SECRET");<br />
<br />
<br />
= Add Google Login to your app =<br />
<br />
To add the Google Login to your Android project you must:<br />
<br />
* Have an Android and a Web Application "OAuth client ID" [https://console.developers.google.com/apis/credentials Credentials]<br />
** The Android Credential must be set with the SHA1 signing-certificate fingerprint and the Package Name to the Login with Google work. <br />
<br />
Example to export the SHA1 from the debug key:<br />
$ keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore -list -v<br />
<br />
<br />
Add the latest Google GCM and Auth SDK dependency to your list of dependencies:<br />
<br />
dependencies {<br />
implementation 'com.google.android.gms:play-services-gcm:16.0.0'<br />
implementation 'com.google.android.gms:play-services-auth:16.0.1'<br />
}<br />
<br />
== Resources ==<br />
<br />
Add the Client ID from the created Web Application credential to your resources file:<br />
<nowiki><!-- Google Client Server ID --></nowiki><br />
<string name="google_client_server_id">"WEB_APPLICATION_CLIENT_ID"</string>; <br />
<br />
== Usage ==<br />
<br />
Initializes a new Gplus configuration and set the client server id with the Web Application client ID:<br />
// Google+ configuration<br />
GplusConfiguration gplusConfiguration = new GplusConfiguration()<br />
.setClientServerId("WEB_APPLICATION_CLIENT_ID"));<br />
<br />
= Add Linkedin Login to your app =<br />
<br />
Add the following content to the ''assets/oauth_consumer.properties'' file. Custom Permissions must be a single string split by a comma (ex: r_liteprofile,r_emailaddress). Ensure the ''assets'' folder is at the same level as the ''res'' folder.<br />
#linkedin<br />
api.linkedin.com.consumer_key = LINKEDIN_CLIENT_ID<br />
api.linkedin.com.consumer_secret = LINKEDIN_CLIENT_SECRET<br />
api.linkedin.com.custom_permissions = LINKEDIN_PERMISSIONS <br />
<br />
== Resources ==<br />
<br />
Add the Linkedin Callback URI to your resources file:<br />
<br />
<nowiki><!-- Linkedin Callback URI --></nowiki><br />
<string name="linkedin_callback_uri">LINKEDIN_CALLBACK_URI</string><br />
<br />
== Usage ==<br />
<br />
Initializes a new Linkedin configuration and set the callback uri:<br />
<br />
// LinkedIn configuration<br />
LinkedinConfiguration linkedinConfiguration = new LinkedinConfiguration()<br />
.setCallbackUri("LINKEDIN_CALLBACK_URI");</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Single_Sign_On_User_GuideSingle Sign On User Guide2019-05-09T15:38:36Z<p>Vicente.santos: </p>
<hr />
<div>== Introduction ==<br />
<br />
Single Sign On (SSO) is a feature that enables users to be seamlessly logged in to multiple websites under the same organization without having to explicitly log in to each one of them. We provide a set of APIs that can be easily integrated into websites in order to perform SSO with Social Login or traditional Email/Password Login.<br />
<br />
== How To Implement Single Sign On ==<br />
<br />
A simple scenario with a group of websites implementing SSO is described below.<br />
<br />
The first step to implement SSO is to integrate each website with our Social Login, either using our widgets or APIs (Refer to our [[Social Login User Guide]] for more information). Note that, for SSO to work properly, all websites must be using the same Login App in the CoffeeBean platform. After each successful login, a connection_id token will be generated (Refer to [[Social Login Tokens#connection_id|Social Login Tokens]] for a complete reference on how our tokens work and all available APIs).<br />
<br />
In all websites, you must also implement a polling worker for the [[socialid.login.getConnectionStatus]] Javascript API. This worker will be responsible for detecting a change in the user connection status in the CoffeeBean platform. The change will be triggered whenever the user logs in to any website and will be detected by all other websites the user visits. At this point, the worker must send the connection_id token returned by the API to the website backend (Refer to the [[socialid.login.getConnectionStatus|API reference]] for details on how to obtain the connection_id from the API response).<br />
<br />
In the backend service, the connection_id must be validated with the [[GET login/connections/:id]] REST API. This integration allows the website to receive user profile information and perform the required authentication in a secure manner. This step should be similar to the integration with the [[GET login/info]] REST API described in the [[Social Login User Guide]].<br />
<br />
== Single Log Out ==<br />
<br />
Another useful use case of SSO is the Single Log Out, which consists in logging the user out from all websites whenever a logout is detected in one of them.<br />
<br />
This can be achieved using the same [[socialid.login.getConnectionStatus]] Javascript API used for SSO. However, in this scenario the user will change its status from logged in to logged out, which can also be detected and handled by all websites. Note that, if you have a custom mechanism for logout, you must also call our [[socialid.login.logout]] Javascript API during the logout process, so that we know about the event and can update the user connection status accordingly.</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Social_Login_User_GuideSocial Login User Guide2019-05-09T15:01:58Z<p>Vicente.santos: </p>
<hr />
<div>== Introduction ==<br />
<br />
Social Login allows users to log into websites or applications using their Facebook, Twitter, LinkedIn, Google or Instagram accounts. This increases engagement and conversion rates by offering a simple registration mechanism where users can start interacting with the website with just 1 click instead of forcing the user to fill out multiple fields on a registration form. Most people use their social network accounts on a daily basis and would rather log in using these accounts than use a traditional email / password login.<br />
<br />
[[File:Social login diagram.png|400px]]<br />
<br />
Social Login implementation is divided into 3 steps:<br />
<br />
# Configure a Social Login instance<br />
# Install the widget on the website<br />
# Implement the callback on the website<br />
<br />
== Social Login Configuration ==<br />
<br />
[[File:Social login settings.png|500px]]<br />
<br />
The picture above shows the Social Login configuration screen. On this screen you have to fill out:<br />
<br />
* Name: a name for the Social Login instance (used as an internal reference only).<br />
* Callback URL: the URL that will receive a post request with the user identification token after a successful login attempt.<br />
* Registration methods: social networks that can be used to perform the Social Login. It is possible to change the social applications used here; these social applications can be configured on the social networks themselves to take branding like name and logo into consideration:<br />
<br />
[[File:Social id facebook app.png|500px]]<br />
<br />
The creation of social applications is done by following a configuration wizard:<br />
<br />
[[File:Social app id secret.png|500px]]<br />
<br />
== Widget Installation ==<br />
<br />
This installation is done by pasting a Javascript code snippet that loads the Social Login widget into place. The screen that allows configuring the widget theme and shows the Javascript code snippet is shown in the following picture:<br />
<br />
[[File:Social login widget code.png|300px]]<br />
<br />
When entering a page configured with the Javascript code, the following widget should be seen (if configured with the "bricks" theme):<br />
<br />
[[File:Social login widget bricks.png|200px]]<br />
<br />
Or if you use the "icons" theme:<br />
<br />
[[File:Social login widget icons.png|150px]]<br />
<br />
== Callback Implementation ==<br />
<br />
This step is used to integrate the social login with the user management system that is already on the website. We have APIs that allow this integration in a very simple way. The basic idea is to associate the user's "id" on the social login and the user's "id" on your website. Two things can happen:<br />
<br />
1. On the callback, the user's "id" is not related with any website user: in this case, a new user should be created (on the website) and associated with the social login user. If a user already exists, (say if the user created a traditional account), the user's account should be associated with the social login account.<br />
<br />
2. On the callback, the user's "id" is already associated with a website user: in this case, the user should be logged in.<br />
<br />
To get the user's "id" from the Social Login, follow the steps explained on the "Call the API" screen:<br />
<br />
[[File:Social login call api.png|500px]]<br />
<br />
=== Step 1: Extract the "token" parameter from POST data ===<br />
<br />
We send a parameter via POST called "token" that identifies the user that just registered/logged into the Social Login used on your website. Use this token to call the API and get the user's authentication information.<br />
<br />
=== Step 2: Call our API to get the user's authentication information ===<br />
<br />
Use the token you just received and your API secret to call the login/info API. You will receive a JSON data structure with basic information about the user and the authentication method used by him/her.<br />
<br />
URL to call:<br />
<br />
GET [https://api.socialidnow.com/v1/marketing/login/info?api_secret=secret&token=token https://api.socialidnow.com/v1/marketing/login/info?api_secret=<secret>&token=<token>]<br />
<br />
Parameters:<br />
* api_secret: you can get the "secret" on the "Call the API" screen<br />
* token: the token returned in step 1<br />
<br />
=== Step 3: Extract the user's "id" from the login/info response ===<br />
<br />
When you call the login/info API you'll get a response like this:<br />
<br />
[[File:Api login info.png|500px]]<br />
<br />
You can use the "id" field as a unique key to identify the user on your website. This is this user's "id" on the Social Login.<br />
<br />
== Social Login user session ==<br />
<br />
The login/info API returns another very important value: “connection_id”. We keep a session identification for every logged in user on the Social Login to use in certain APIs and widgets (to simplify the use of these resources). <br />
<br />
The moment the user logs into the Social Login, we store a session cookie on his/her browser and track the "connection_id" so that we can identify the user automatically on certain widgets and APIs. Some RESTful APIs require the "connection_id" value, and so it is returned by the login/info API.<br />
<br />
It is important to note that this "connection_id" value changes every time the user logs in, so it should only be used as a *session* identification method.</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Twitter_Social_App_User_GuideTwitter Social App User Guide2019-05-09T14:55:48Z<p>Vicente.santos: </p>
<hr />
<div><br />
== Requirements ==<br />
To create a custom Twitter Login you must have a Twitter account, if you already have one, you can skip the registration form:<br />
<br />
:http://twitter.com/signup<br />
<br />
Your twitter account must have a phone number linked to it. If you didn't link your phone you can do it at:<br />
<br />
:https://twitter.com/settings/add_phone<br />
<br />
<br />
== Create New App ==<br />
<br />
Access the Twitter Apps page:<br />
<br />
:https://apps.twitter.com/<br />
<br />
Click on “Create New App”. Fill the requested form providing the following urls at the "Callback URLs":<br />
<br />
<nowiki>https://app.socialidnow.com/marketing/login/apps/<app_id>/sign_ins/auths/twitter/callback<br />
https://app.socialidnow.com/marketing/login/apps/<app_id>/sign_ins/events/auths/twitter/callback<br />
https://app.socialidnow.com/marketing/login/apps/<app_id>/connections/auths/twitter/callback<br />
https://app.socialidnow.com/marketing/login/apps/<app_id>/connections/events/auths/twitter/callback<br />
https://app.socialidnow.com/marketing/login/o_auth1/callback</nowiki><br />
<br />
Replace '''<app_id>''' by your Social Login App id.<br />
<br />
[[File:Social-apps-twitter-1.png| 820px]]<br />
<br />
<br />
== Application Settings ==<br />
<br />
Access "Keys and Access Token" tab and copy the "Consumer Key" (API key) and "Consumer Secret" (API secret). Provide them when demanded on the CoffeeBean platform.<br />
<br />
[[File:Social-apps-twitter-2.png| 600px]]<br />
<br />
<br />
== Permissions ==<br />
<br />
Set the permissions for your app. Common permissions are:<br />
* Access: Read only<br />
* Additional Permissions: check “Request email addresses from users”<br />
<br />
[[File:Social-apps-twitter-3.png| 720px]]<br />
<br />
<br />
== Create Custom Social Login App ==<br />
<br />
Access your CoffeeBean account at https://app.socialidnow.com/. Open the dropdown of your account and click on "Social Apps".<br />
<br />
<br />
[[File:Social-apps-select-social-apps.png| 720px]]<br />
<br />
<br />
Click on "Add a new Social App" and select Twitter type.<br />
<br />
[[File:Social-apps-social-app-type.png| 600px]]<br />
<br />
<br />
Choose a name for your Custom Social App and then fill up the form with the Consumer key and Consumer secret of the created Twitter app. Click on "Create the Social App" to get your Custom Twitter Social App.<br />
<br />
[[File:Social-apps-twitter-4.png| 600px]]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Linkedin_Social_App_User_GuideLinkedin Social App User Guide2019-05-09T14:33:36Z<p>Vicente.santos: </p>
<hr />
<div><br />
== Requirements ==<br />
To create a custom LinkedIn Login you must have a LinkedIn account, if you already have one, you can skip the registration form:<br />
<br />
:https://www.linkedin.com/reg/join<br />
<br />
<br />
== Create Application ==<br />
<br />
Go to Linkedin Developers page:<br />
:https://www.linkedin.com/developer/apps<br />
<br />
Click on "Create Application" and fill the requested form.<br />
<br />
<br />
== Authentication ==<br />
<br />
Set “Default Application Permissions”. Common permissions are:<br />
* r_basicprofile<br />
* r_emailaddress<br />
<br />
<br />
Copy the generated Client ID and Client Secret and provide on the CoffeeBean Platform when requested .<br />
<br />
[[File:Social-apps-linkedin-1.png| 720px]]<br />
<br />
<br />
== Create Custom Social Login App ==<br />
<br />
Access your account at https://app.socialidnow.com/. Open the dropdown of your account and click on "Social Apps".<br />
<br />
[[File:Social-apps-select-social-apps.png| 720px]]<br />
<br />
<br />
Click on "Add a new Social App" and select Linkedin type.<br />
<br />
[[File:Social-apps-social-app-type.png| 600px]]<br />
<br />
<br />
Give a name for your Custom Social App, provide the credentials Client ID and Client Secret, from the created Linkedin App and then click "Create the Social App" to get your Custom Linkedin Social App.<br />
<br />
[[File:Social-apps-linkedin-2.png| 600px]]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Google_Social_App_User_GuideGoogle Social App User Guide2019-05-09T14:14:47Z<p>Vicente.santos: </p>
<hr />
<div>== Requirements ==<br />
To create a Google Login you must have a Google account, if you already have one, you can skip the registration form:<br />
:https://accounts.google.com/signup<br />
<br />
== New Project ==<br />
Access the Google for Developers page:<br />
:https://console.developers.google.com/apis/<br />
<br />
Click on "Create a Project" or open the Project selector and click on "New Project"<br />
<br />
[[File:Social-apps-google-1.png| 720px]]<br />
<br />
<br />
Provide your Project's Name<br />
<br />
[[File:Social-apps-google-2.png| 500px]]<br />
<br />
== Enable APIs ==<br />
<br />
Click on Project Selector, select the created project and then click on "Enable APIs and Services". At the search field, look for "Google People API" and "Contacts API".<br />
<br />
[[File:Social-apps-google-3.png| 500px]]<br />
<br />
<br />
Enable both APIs by clicking Enable.<br />
<br />
[[File:Social-apps-google-4.png| 500px]]<br />
<br />
<br />
== Credentials ==<br />
<br />
At the Side Bar Menu go to "APIs & Services" > "Credentials". Access the "OAuth consent screen", provide at least the "Product name" and then save it.<br />
<br />
[[File:Social-apps-google-5.png| 500px]]<br />
<br />
<br />
Access "Credentials" tab and click on "Create credentials" > "OAuth client ID". Select "Web application" type, fill a name for this client, add the CoffeeBean URIs to "Authorized JavaScript origins" and "Authorized redirect URIs" and Create your OAuth client:<br />
<br />
::Authorized JavaScript origins: https://app.socialidnow.com<br />
::Authorized redirect URIs: https://app.socialidnow.com/marketing/login/gplus<br />
<br />
<br />
[[File:Social-apps-google-6.png| 720px]]<br />
<br />
When created, a modal will be displayed and will provide your app id and app secret (which can be accessed by clicking on the created OAuth Client). When demanded, provide these credentials at the Social-ID platform.<br />
<br />
[[File:Social-apps-google-7.png| 500px]]<br />
<br />
<br />
== Create Custom Login App ==<br />
<br />
Access your account at https://app.socialidnow.com/. Open the dropdown of your account and click on "Social Apps".<br />
<br />
[[File:Social-apps-select-social-apps.png| 720px]]<br />
<br />
Click on "Add a new Social App" and select Google type.<br />
<br />
[[File:Social-apps-social-app-type.png| 600px]]<br />
<br />
Choose a name for your Social App and provide the Client ID and Client Secret from the created Google OAuth Client.<br />
<br />
At this point, you can request permission for each piece of information you want to capture from Google Account when users log in using your Social App. With all set, just click on "Create the Social App" to get your Custom Google Social App.<br />
<br />
[[File:Social-apps-google-8.png| 600px]]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Facebook_Social_App_User_GuideFacebook Social App User Guide2019-05-09T13:24:26Z<p>Vicente.santos: </p>
<hr />
<div><br />
== Requirements ==<br />
<br />
To follow these steps you will need a Facebook account. If you don't have one you can sign up at the link:<br />
<br />
:https://www.facebook.com/signup<br />
<br />
To create a custom app, Facebook requires that you validate your account by adding at least one mobile phone. You can do this accessing your settings page at the Mobile tab:<br />
<br />
:https://www.facebook.com/settings?tab=mobile<br />
<br />
== Add a New App ==<br />
<br />
Access Facebook for Developers page (If you don't have an account you will be requested to create one):<br />
<br />
:https://developers.facebook.com/apps<br />
<br />
Click on "Add a New App" and choose your Custom Facebook Application's name.<br />
<br />
[[File:Social-apps-facebook-1.png| 500px]]<br />
<br />
<br />
== Facebook Login ==<br />
<br />
Add the Facebook Login to your application clicking at "Set Up".<br />
<br />
[[File:Social-apps-facebook-2.png| 300px]]<br />
<br />
Select Web type and fill the Site URL with your website URL.<br />
<!--<nowiki>https://app.socialidnow.com/ </nowiki><br />
<br />
[[File:Social-apps-facebook-3.png| 720px]]--><br />
<br />
Save Changes and, at Side Bar Menu, click on Facebook Login Settings and add Social-ID OAuth URI as a Valid OAuth Redirect URI:<br />
<br />
<nowiki>https://app.socialidnow.com/marketing/login/o_auth2/callback</nowiki><br />
<br />
[[File:Social-apps-facebook-4.png| 720px]]<br />
<br />
== Settings ==<br />
<br />
When asked at Social-ID, provide your App ID and App Secret, found at Settings > Basic:<br />
<br />
[[File:Social-apps-facebook-5.png| 720px]]<br />
<br />
<br />
== Create Custom Social Login App ==<br />
<br />
Access your marketing account at https://app.socialidnow.com/. Open the drop-down of your account and click on "Social Apps"<br />
<br />
<br />
[[File:Social-apps-select-social-apps.png| 720px]]<br />
<br />
<br />
Click on "Add a new Social App" and select Facebook type.<br />
<br />
[[File:Social-apps-social-app-type.png| 600px]]<br />
<br />
Choose a name for your App and provide the Facebook Login App ID and App Secret.<br />
<br />
At this point, you can request permission for each piece of information you want to capture from Facebook when users log in using your App. With all set, click on "Create the Social App" to get your Custom Facebook Social App.<br />
<br />
[[File:Social-apps-facebook-6.png| 600px]]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Wi-Fi_PlatformWi-Fi Platform2019-05-09T13:07:59Z<p>Vicente.santos: </p>
<hr />
<div>The CoffeeBean Identity and Access Management Platform integrates to Wi-Fi vendors to offer the following services:<br />
<br />
* [[Captive Portal]]: integrates the Social Login and RaaS (Registration-as-a-Service) to enable users to register in Wi-Fi networks using their social networks or traditional credentials.<br />
* Indoor Location: enables indoor events, such as customer presence and proximity to regions, to drive commercial actions. The indoor location analytics helps understand user behavior in physical places.<br />
<br />
== Resources ==<br />
<br />
* [[Wi-Fi APIs]]<br />
* [[Walled Garden for the Social Login]]<br />
* [[Captive Portal Customizations]]<br />
<br />
== Supported Vendors ==<br />
<br />
{|<br />
! style="text-align:left; width: 250px;"| Logo<br />
! style="text-align:left; width: 200px;"| Website<br />
! style="text-align:left; width: 250px;"| Supported Devices and Captive Portal Configuration Guides<br />
! style="text-align:left; width: 200px;"| Indoor Location Events<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Aerohive logo.jpg|200px]]</p><br />
|[https://www.aerohive.com Aerohive Networks]<br />
|<br />
* HiveManager (cloud)<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Aruba hp lockup 140x68.png]]</p><br />
|[https://www.arubanetworks.com Aruba Networks]<br />
|<br />
* [[Aruba IAP]]<br />
* [[Aruba Controller]]<br />
|<br />
* Geofence Notify<br />
* Presence<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Cambium-logo.png|200px]]</p><br />
|[https://www.cambiumnetworks.com Cambium Networks]<br />
|<br />
* cnPilot<br />
* cnMaestro (cloud)<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Cisco-meraki.png|200px]]</p><br />
|[https://meraki.cisco.com Cisco Meraki]<br />
|<br />
* [[Cisco Meraki|Cisco Meraki (cloud)]]<br />
* [[Cisco Wireless LAN Controller (WLC)]]<br />
|<br />
* Meraki: Devices Seen<br />
* CMX Location: In/Out, Absence, Association, Area Change, Location Update<br />
* CMX Presence/Cloud: Passerby Detected, Passerby Became Visitor, Visitor Went Away, Device Gone, Site Entry Changed<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Extreme-logo.jpg|200px]]</p><br />
|[https://www.extremenetworks.com Extreme Networks]<br />
|<br />
* [[Zebra Wing 5 WLAN| WiNG WLAN]] (*)<br />
* [[Extreme Wireless| ExtremeWireless]]<br />
|<br />
* ADSP (*): Presence (Entered, Exit, Present), Region (Entered, Exit, Near, Present)<br />
* MPact (*): Dwell Time, Entry<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Mikrotik-logo.png|200px]]</p><br />
|[https://mikrotik.com Mikrotik]<br />
|<br />
* [[Mikrotik RouterOS]]<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Openmesh-logo.png|200px]]</p><br />
|[https://www.openmesh.com Open Mesh]<br />
|<br />
* [[OpenMesh CloudTrax|CloudTrax (cloud)]]<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Ruckus-logo.jpg|200px]]</p><br />
|[https://www.ruckuswireless.com Ruckus Wireless]<br />
|<br />
* [[Ruckus Virtual SmartZone]]<br />
* [[Ruckus ZoneDirector]]<br />
* Ruckus Standalone<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:UBNT Alternate Logo RGB.png|200px]]</p><br />
|[https://www.ui.com Ubiquiti Networks]<br />
|<br />
* [[Ubiquiti UniFi]]<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Logo-zyxel.png|200px]]</p><br />
|[https://www.zyxel.com Zyxel]<br />
|<br />
* [[Zyxel NXC Series]]<br />
* Zyxel UAG Series<br />
* [[Zyxel Nebula|Zyxel Nebula (cloud)]]<br />
|<br />
|-<br />
|}<br />
<br />
(*) formerly developed by Motorola and Zebra Technologies</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=ExamplesExamples2019-05-09T13:04:37Z<p>Vicente.santos: </p>
<hr />
<div>We developed a simple example to show the CoffeeBean Platform features. To access it, visit:<br />
<br />
https://sid-examples.herokuapp.com/social_logins/<br />
<br />
In this example you will see:<br />
<br />
* Login Widget with theme configuration<br />
* Connect Widget<br />
* Login/info API return<br />
* User/info API return<br />
* CoffeeBean Javascript API</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Javascript_APIsJavascript APIs2019-05-09T13:01:16Z<p>Vicente.santos: </p>
<hr />
<div>The current version of the CoffeeBean Javascript API can be accessed from this url:<br />
<br />
https://app.socialidnow.com/assets/api/socialid.js<br />
<br />
The available APIs can be found here:<br />
<br />
* [[Social ID Javascript APIs]]<br />
* [[Social Login Javascript APIs]]<br />
* [[Comments Reviews Javascript APIs]]<br />
* [[Datastore Javascript APIs]]<br />
* [[Web Push Javascript APIs]]<br />
* [[Campaign Engine Javascript APIs]]<br />
<br />
== Deprecated APIs ==<br />
<br />
* [[Social Webform Javascript API]]<br />
* [[Selfie Javascript APIs]]<br />
<br />
== Browser Support ==<br />
<br />
See [[Cross-Origin Authentication using Javascript APIs#Browser_Support|browser support and known limitations]].<br />
<br />
== Changelog ==<br />
<br />
You can follow the changelog and updates of the Javascript API from this url: https://github.com/coffeebeantech/social-id-js-api-versions.</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Wi-Fi_PlatformWi-Fi Platform2019-05-09T12:59:57Z<p>Vicente.santos: </p>
<hr />
<div>The CoffeeBean Identity and Access Management Platform integrates to Wi-Fi vendors to offer the following services:<br />
<br />
* [[Captive Portal]]: integrates the Social Login and RaaS (Registration-as-a-Service) to enable users to register in Wi-Fi networks using their social networks or traditional credentials.<br />
* Indoor Location: enable indoor events, such as customer presence and proximity to regions, to drive commercial actions. The indoor location analytics helps understand users behavior in physical places.<br />
<br />
== Resources ==<br />
<br />
* [[Wi-Fi APIs]]<br />
* [[Walled Garden for the Social Login]]<br />
* [[Captive Portal Customizations]]<br />
<br />
== Supported Vendors ==<br />
<br />
{|<br />
! style="text-align:left; width: 250px;"| Logo<br />
! style="text-align:left; width: 200px;"| Website<br />
! style="text-align:left; width: 250px;"| Supported Devices and Captive Portal Configuration Guides<br />
! style="text-align:left; width: 200px;"| Indoor Location Events<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Aerohive logo.jpg|200px]]</p><br />
|[https://www.aerohive.com Aerohive Networks]<br />
|<br />
* HiveManager (cloud)<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Aruba hp lockup 140x68.png]]</p><br />
|[https://www.arubanetworks.com Aruba Networks]<br />
|<br />
* [[Aruba IAP]]<br />
* [[Aruba Controller]]<br />
|<br />
* Geofence Notify<br />
* Presence<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Cambium-logo.png|200px]]</p><br />
|[https://www.cambiumnetworks.com Cambium Networks]<br />
|<br />
* cnPilot<br />
* cnMaestro (cloud)<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Cisco-meraki.png|200px]]</p><br />
|[https://meraki.cisco.com Cisco Meraki]<br />
|<br />
* [[Cisco Meraki|Cisco Meraki (cloud)]]<br />
* [[Cisco Wireless LAN Controller (WLC)]]<br />
|<br />
* Meraki: Devices Seen<br />
* CMX Location: In/Out, Absence, Association, Area Change, Location Update<br />
* CMX Presence/Cloud: Passerby Detected, Passerby Became Visitor, Visitor Went Away, Device Gone, Site Entry Changed<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Extreme-logo.jpg|200px]]</p><br />
|[https://www.extremenetworks.com Extreme Networks]<br />
|<br />
* [[Zebra Wing 5 WLAN| WiNG WLAN]] (*)<br />
* [[Extreme Wireless| ExtremeWireless]]<br />
|<br />
* ADSP (*): Presence (Entered, Exit, Present), Region (Entered, Exit, Near, Present)<br />
* MPact (*): Dwell Time, Entry<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Mikrotik-logo.png|200px]]</p><br />
|[https://mikrotik.com Mikrotik]<br />
|<br />
* [[Mikrotik RouterOS]]<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Openmesh-logo.png|200px]]</p><br />
|[https://www.openmesh.com Open Mesh]<br />
|<br />
* [[OpenMesh CloudTrax|CloudTrax (cloud)]]<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Ruckus-logo.jpg|200px]]</p><br />
|[https://www.ruckuswireless.com Ruckus Wireless]<br />
|<br />
* [[Ruckus Virtual SmartZone]]<br />
* [[Ruckus ZoneDirector]]<br />
* Ruckus Standalone<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:UBNT Alternate Logo RGB.png|200px]]</p><br />
|[https://www.ui.com Ubiquiti Networks]<br />
|<br />
* [[Ubiquiti UniFi]]<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Logo-zyxel.png|200px]]</p><br />
|[https://www.zyxel.com Zyxel]<br />
|<br />
* [[Zyxel NXC Series]]<br />
* Zyxel UAG Series<br />
* [[Zyxel Nebula|Zyxel Nebula (cloud)]]<br />
|<br />
|-<br />
|}<br />
<br />
(*) formerly developed by Motorola and Zebra Technologies</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=RESTful_APIsRESTful APIs2019-05-08T20:01:44Z<p>Vicente.santos: </p>
<hr />
<div>In this page you can explore all available APIs for the CoffeeBean Identity and Access Platform:<br />
<br />
* [[Authentication]]<br />
* [[Errors]]<br />
* [[Social Login APIs]]<br />
* [[Marketing Database APIs]]<br />
* [[Push Notification APIs]]<br />
* [[Campaign Engine APIs]]<br />
* [[Datastore APIs]]<br />
* [[OAuth APIs]]<br />
* [[Wi-Fi APIs]]<br />
<br />
== Deprecated APIs ==<br />
<br />
* [[Campaign APIs]]<br />
* [[Selfie APIs]]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Wi-Fi_PlatformWi-Fi Platform2019-05-08T19:20:42Z<p>Vicente.santos: </p>
<hr />
<div>The CoffeeBean Identity and Access Management Platform integrates to Wi-Fi vendors to offer the following services:<br />
<br />
* [[Captive Portal]]: integrates the Social Login and RaaS (Registration-as-a-Service) to enable users to register in Wi-Fi networks using their social networks or traditional credentials.<br />
* Indoor Location: enable indoor events to drive marketing actions, such as customer presence and proximity to regions. The indoor location analytics helps to understand how users behave in the physical places.<br />
<br />
== Resources ==<br />
<br />
* [[Wi-Fi APIs]]<br />
* [[Walled Garden for the Social Login]]<br />
* [[Captive Portal Customizations]]<br />
<br />
== Supported Vendors ==<br />
<br />
{|<br />
! style="text-align:left; width: 250px;"| Logo<br />
! style="text-align:left; width: 200px;"| Website<br />
! style="text-align:left; width: 250px;"| Supported Devices and Captive Portal Configuration Guides<br />
! style="text-align:left; width: 200px;"| Indoor Location Events<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Aerohive logo.jpg|200px]]</p><br />
|[https://www.aerohive.com Aerohive Networks]<br />
|<br />
* HiveManager (cloud)<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Aruba hp lockup 140x68.png]]</p><br />
|[https://www.arubanetworks.com Aruba Networks]<br />
|<br />
* [[Aruba IAP]]<br />
* [[Aruba Controller]]<br />
|<br />
* Geofence Notify<br />
* Presence<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Cambium-logo.png|200px]]</p><br />
|[https://www.cambiumnetworks.com Cambium Networks]<br />
|<br />
* cnPilot<br />
* cnMaestro (cloud)<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Cisco-meraki.png|200px]]</p><br />
|[https://meraki.cisco.com Cisco Meraki]<br />
|<br />
* [[Cisco Meraki|Cisco Meraki (cloud)]]<br />
* [[Cisco Wireless LAN Controller (WLC)]]<br />
|<br />
* Meraki: Devices Seen<br />
* CMX Location: In/Out, Absence, Association, Area Change, Location Update<br />
* CMX Presence/Cloud: Passerby Detected, Passerby Became Visitor, Visitor Went Away, Device Gone, Site Entry Changed<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Extreme-logo.jpg|200px]]</p><br />
|[https://www.extremenetworks.com Extreme Networks]<br />
|<br />
* [[Zebra Wing 5 WLAN| WiNG WLAN]] (*)<br />
* [[Extreme Wireless| ExtremeWireless]]<br />
|<br />
* ADSP (*): Presence (Entered, Exit, Present), Region (Entered, Exit, Near, Present)<br />
* MPact (*): Dwell Time, Entry<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Mikrotik-logo.png|200px]]</p><br />
|[https://mikrotik.com Mikrotik]<br />
|<br />
* [[Mikrotik RouterOS]]<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Openmesh-logo.png|200px]]</p><br />
|[https://www.openmesh.com Open Mesh]<br />
|<br />
* [[OpenMesh CloudTrax|CloudTrax (cloud)]]<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Ruckus-logo.jpg|200px]]</p><br />
|[https://www.ruckuswireless.com Ruckus Wireless]<br />
|<br />
* [[Ruckus Virtual SmartZone]]<br />
* [[Ruckus ZoneDirector]]<br />
* Ruckus Standalone<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:UBNT Alternate Logo RGB.png|200px]]</p><br />
|[https://www.ui.com Ubiquiti Networks]<br />
|<br />
* [[Ubiquiti UniFi]]<br />
|<br />
|-<br />
<br />
|<p style="margin: 20px 0">[[File:Logo-zyxel.png|200px]]</p><br />
|[https://www.zyxel.com Zyxel]<br />
|<br />
* [[Zyxel NXC Series]]<br />
* Zyxel UAG Series<br />
* [[Zyxel Nebula|Zyxel Nebula (cloud)]]<br />
|<br />
|-<br />
|}<br />
<br />
(*) formerly developed by Motorola and Zebra Technologies</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Web_Developer_InternWeb Developer Intern2019-05-08T13:24:42Z<p>Vicente.santos: </p>
<hr />
<div>A Coffee Bean Technology possui uma vaga para '''Estagiário em Desenvolvimento Web''', com a seguinte descrição:<br />
<br />
== A Empresa ==<br />
<br />
A CoffeeBean Technology (https://www.coffeebeantech.com) foi fundada por John Lima na Califórnia, EUA, e posteriormente expandiu para o Brasil onde tem um centro de desenvolvimento em Campinas, SP. A empresa oferece uma plataforma chamada '''Social-ID for CIAM (Customer Identity and Access Management)''', que automatiza serviços de autenticação, autorização e engajamento de usuários, criando uma base unificada de identidades de clientes a ser usada para integrações, análise e marketing. Nossos principais clientes incluem Dafiti, Catho, Outback, Marisa, Netpoints, dentre outros.<br />
<br />
A CoffeeBean Technology está constantemente inovando em termos de tecnologias usadas, novos projetos, parcerias e integrações com recursos variados, envolvendo APIs de redes sociais, bots do Facebook Messenger, machine learning com IBM Watson e AWS, aplicativos iOS/Android e Redes Wi-Fi para hotspots, indoor location e beacons. Oferecemos um ambiente dinâmico, de constante aprendizado.<br />
<br />
== O Candidato ==<br />
<br />
A CoffeeBean Technology está em busca de um estagiário apaixonado por desenvolvimento e tecnologias web, com muita iniciativa, criatividade, vontade de aprender e enfrentar desafios. Como trabalhamos com Scrum, auto-organização e responsabilidade também são características imprescindíveis.<br />
<br />
Procuramos por um candidato com o seguinte perfil:<br />
<br />
* No penúltimo ou último ano de um curso superior na área de Computação.<br />
* Familiaridade com HTML, CSS e JavaScript.<br />
* Familiaridade com desenvolvimento Web, preferencialmente com Ruby on Rails, Node.js ou Python.<br />
* Familiaridade com bancos de dados relacionais, como MySQL e PostgreSQL.<br />
* Familiaridade com bancos de dados não relacionais, como MongoDB e Elasticsearch.<br />
* Familiaridade com ambientes Linux ou MacOSX.<br />
<br />
== Como Aplicar? ==<br />
<br />
Enviar e-mail para jobs.br[at]coffeebeantech.com sob o título "Estágio Web 2019".<br />
<br />
De preferência, envie também informações relevantes sobre projetos acadêmicos ou profissionais em que trabalhou, incluindo o seu username no Github/Bitbucket se tiver.</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Captive_PortalCaptive Portal2019-05-07T13:29:39Z<p>Vicente.santos: /* Configuration Guides */</p>
<hr />
<div>== Architecture ==<br />
<br />
The captive portal and Social-ID platform integration are illustrated in the following diagram:<br />
<br />
<br />
[[File:wifi architecture.png]]<br />
<br />
Once the user connects to a Wi-Fi network, the AP or controller redirects to the captive portal page. The user can log in using a social network or traditional credentials and the social login callback posts the user credentials to the wireless AP or controller.<br />
<br />
The AP or controller must be configured to authenticate the users through RADIUS authentication. A RADIUS server and a client secret are configured and queried when an authentication request arrives. The Social Login RADIUS server authenticates the user and replies to the wireless AP or controller, which opens the Internet to the user and redirects back to some welcome or portal page. From this point the user can enjoy a free Internet.<br />
<br />
== Configuration Parameters ==<br />
<br />
To configure the Captive Portal on almost all vendors you will need these basic parameters: <br />
<br />
* RADIUS server host or IP address: the hostname or IP address of the Social-ID RADIUS server responsible to authenticate users.<br />
* RADIUS server authentication and accounting ports: the authentication port of the Social-ID RADIUS server responsible to authenticate users and accounting port of the Social-ID RADIUS server responsible to collect accounting information.<br />
* RADIUS client secret: the secret shared between the RADIUS client and server.<br />
* Captive portal URL: the URL of the external login page where the users will be redirected to.<br />
<br />
=== RADIUS Server ===<br />
<br />
The RADIUS server can be configured by hostname or IP address. We recommend to use hostname instead of IP address if possible.<br />
<br />
If the customer's infrastructure uses static IPs, we provide the following servers by environment:<br />
<br />
{|<br />
! style="text-align:left; width: 100px;"| Environment<br />
! style="text-align:left; width: 100px;"| Region<br />
! style="text-align:left; width: 200px;"| Hostname<br />
! style="text-align:left; width: 150px;"| IP<br />
! style="text-align:left; width: 200px;"| Authentication port<br />
! style="text-align:left; width: 200px;"| Accounting port<br />
|-<br />
|production<br />
|sa-east<br />
|radius.socialidnow.com<br />
|54.94.140.247<br />
|1812<br />
|1813<br />
|-<br />
|production<br />
|eu-central<br />
|radius.eu-central.socialidnow.com<br />
|52.28.85.158<br />
|1812<br />
|1813<br />
|-<br />
|staging<br />
|us-east<br />
|radius-staging.socialidnow.com<br />
|178.128.135.142<br />
|1812<br />
|1813<br />
|}<br />
<br />
For dynamic IPs, when the customer's network does not have support to static IP, we provide a RADIUS server that act as a proxy:<br />
<br />
{|<br />
! style="text-align:left; width: 100px;"| Environment<br />
! style="text-align:left; width: 100px;"| Region<br />
! style="text-align:left; width: 200px;"| Hostname<br />
! style="text-align:left; width: 150px;"| IP<br />
! style="text-align:left; width: 200px;"| Authentication port<br />
! style="text-align:left; width: 200px;"| Accounting port<br />
|-<br />
|production<br />
|sa-east<br />
|radius-proxy.socialidnow.com<br />
|18.228.102.200<br />
|custom<br />
|custom<br />
|}<br />
<br />
For these cases we'll setup custom ports for authentication and accounting, and a unique client secret for each customer.<br />
<br />
Our RADIUS servers accept the following authentication protocols: PAP, CHAP, MS-CHAP, MS-CHAPv2 and EAP types.<br />
<br />
=== RADIUS Client Secret and Captive Portal URL ===<br />
<br />
These parameters are specific for each customer. Contact us to get more details.<br />
<br />
== Configuration Guides ==<br />
<br />
* [[Aruba Controller]]<br />
* [[Aruba IAP]]<br />
* [[Cisco Meraki]]<br />
* [[Cisco_Wireless_LAN_Controller_(WLC)|Cisco Wireless Lan Controller]]<br />
* [[Extreme Wireless]]<br />
* [[Mikrotik RouterOS]]<br />
* [[OpenMesh CloudTrax]]<br />
* [[Ruckus Virtual SmartZone]]<br />
* [[Ruckus ZoneDirector]]<br />
* [[Ubiquiti UniFi]]<br />
* [[Zebra Wing 5 WLAN]]<br />
* [[Zyxel Nebula]]<br />
* [[Zyxel NXC Series]]<br />
<br />
== Walled Garden for the Social Login ==<br />
<br />
In order to enable social and traditional logins you need to configure a list of URLs that the users can access without being authenticated in the Wi-Fi network.<br />
<br />
[[Walled Garden for the Social Login|Get the list of URLs]].<br />
<br />
== Captive Portal Customizations ==<br />
<br />
Available customization options can be found here: [[Captive Portal Customizations]]</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=Cisco_Wireless_LAN_Controller_(WLC)Cisco Wireless LAN Controller (WLC)2019-05-07T13:27:02Z<p>Vicente.santos: Created page with "== Introduction == This document outlines the configuration process for the Cisco WLC. This process assumes that the Cisco WLC has been powered up and a basic IP configurati..."</p>
<hr />
<div>== Introduction ==<br />
<br />
This document outlines the configuration process for the Cisco WLC.<br />
<br />
This process assumes that the Cisco WLC has been powered up and a basic IP configuration has been applied through the CLI to allow the administrator access to the Web-based User Interface.<br />
<br />
== Graphical User Interface ==<br />
<br />
A browser-based Graphical User Interface is built into each controller, and allows up to five users to simultaneously browse management pages to configure and monitor operational status for the controller and its access points.<br />
<br />
The controller GUI is supported for the following web browsers:<br />
<br />
* Microsoft Internet Explorer, version 11 or a later version (Windows) <br />
* Mozilla Firefox, version 32 or a later version (Windows, Mac)<br />
* Google Chrome, version 38.x or a later version (Windows, Mac)<br />
* Apple Safari, version 7 or a later version (Mac)<br />
<br />
== Logging into the GUI ==<br />
<br />
Enter the controller’s IP address in your browser’s address bar (https://ip-address).<br />
When prompted, enter a System Name, a valid username (usually ''admin'') and password, and click ''OK''.<br />
<br />
== RADIUS ==<br />
<br />
=== Radius Authentication ===<br />
<br />
Click ''Security'' at the top of the User Interface and then ''AAA'' followed by ''Radius Authentication'' on the left-side menu bar. Configure the setting below:<br />
<br />
* '''Auth Called Station ID Type:''' AP MAC Address:SSID<br />
<br />
At the top of the page click ''new'' and complete as follows:<br />
<br />
* '''Server IP Address:''' Insert RADIUS server IP here. You can check the IP for your region at our [[Captive_Portal#Configuration_Parameters | Captive Portal Configuration Page]]<br />
* '''Shared Secret Format:''' ASCII <br />
* '''Shared Secret:''' Insert Shared Secret provided by CoffeeBean here<br />
* '''Confirm Shared Secret:''' Confirm Shared Secret here<br />
* '''Port:''' 1812<br />
* '''Server Status:''' Enabled<br />
<br />
Click ''apply'' to save the newly configured settings.<br />
<br />
=== Radius Accounting ===<br />
<br />
Click ''Radius Accounting'' on the left-side menu. Perform the setting below and then click ''Apply'':<br />
<br />
* '''Acct Called Station ID Type:''' AP MAC Address:SSID<br />
<br />
At the top of the page, click ''New'' and set the following:<br />
<br />
* '''Server IP Address:''' Insert RADIUS server IP here. You can check the IP for your region at our [[Captive_Portal#Configuration_Parameters | Captive Portal Configuration Page]]<br />
* '''Shared Secret Format:''' ASCII<br />
* '''Shared Secret:''' Insert Shared Secret provided by CoffeeBean here<br />
* '''Confirm Shared Secret:''' Confirm Shared Secret here<br />
* '''Port:''' 1813<br />
* '''Server Status:''' Enabled<br />
<br />
== Access Control Lists (ACL) ==<br />
<br />
Preauthentication ACLs define the destinations a wireless visitor can reach before having to authenticate.<br />
<br />
This may include a walled garden of local servers or other specific hosts that may be permitted access.<br />
<br />
For the purposes of social logins, we must list domains of social media. On the Graphic User Interface, choose ''Security'' > ''Access Control Lists'' to open the ACLs page.<br />
<br />
'''''Note:''''' if you wish to see if packets are hitting any of the pages configured on your ACL, select ''Enable Counters'' and then hit ''Apply'', otherwise leave the box unselected.<br />
<br />
Add a new ACL by clicking ''New''. The Access Control ''List'' > ''New'' appears. <br />
<br />
* '''Access Control List Name:''' Alphanumeric, max 32 characters<br />
* '''ACL Type:''' IPv4 and IPv6 are supported<br />
<br />
Click ''Apply'' to save.<br />
<br />
=== Using Local APs ===<br />
<br />
To the right of the ACL you’ve just created hover the blue arrow and click ''Add-Remove URL''. In the URL String Name, add '''''socialidnow.com'''''.<br />
<br />
Additionally, if you want to support social logins, you will need to add URL entries for each network you plan to support.<br />
<br />
A regularly updated list of these domains can be found at [[Walled_Garden_for_the_Social_Login#Walled_Garden_by_domain_names | our Walled Garden Page]]<br />
<br />
=== Using FlexConnect Mode ===<br />
<br />
Click on the ACL you’ve just created, then ''Add Rule > URL Rule'' at the top right.<br />
<br />
In the URL box, add the domains one at a time, setting the Action to ''Permit'' each time. Refer to the URLs found at [[Walled_Garden_for_the_Social_Login#Walled_Garden_by_domain_names | our Walled Garden Page]]<br />
<br />
== Web Authentication ==<br />
<br />
Click ''Security'' > ''Web Auth'' > ''Web Login Page'' on the left and configure with:<br />
<br />
* '''Web Authentication Type:''' External (redirect to external server)<br />
* '''Redirect URL After Login:''' leave blank<br />
* '''External Webauth URL:''' Insert captive portal login URL provided by CoffeeBean here<br />
<br />
[[File:CISCO WLC Web Authentication.png]]<br />
<br />
Click ''Apply'' to save.<br />
<br />
== WLAN ==<br />
<br />
A new wireless WLAN has to be defined in order to serve users. In this example we will be defining an SSID as Guest Wi-Fi. <br />
<br />
Click ''WLAN'' at the top menu bar, then ''WLANS'' on the left. Click ''Create New'' > ''Go'' at the top right or edit an existing WLAN if you already have one. <br />
<br />
If you’re creating a new WLAN, configure it with:<br />
<br />
[[File:CISCO WLC WLAN Configuration.png|800px]]<br />
<br />
* '''Profile Name:''' Guest Wi-Fi<br />
* '''SSID:''' Guest Wi-Fi (or whatever name you wish)<br />
<br />
The ''Profile Name'' and ''SSID'' can be set to match the local preferences of your deployment. Click ''Apply'' to commit the changes. <br />
<br />
Next, click the SSID profile to edit its settings<br />
<br />
=== General ===<br />
<br />
[[File:CISCO Security Layer 1.png|800px]]<br />
<br />
On the ''General'' tab:<br />
<br />
* '''Status:''' Enabled<br />
* '''Broadcast SSID:''' Enabled<br />
* '''SSID:''' Guest Wi-Fi (or whatever name you wish)<br />
<br />
=== Security Layer 2 ===<br />
<br />
On the ''Security'' > ''Layer 2'' tab:<br />
<br />
* '''Layer 2 Security:''' None<br />
<br />
[[File:CISCO Security Layer 2.png|800px]]<br />
<br />
=== Security Layer 3 ===<br />
<br />
On the ''Security'' > ''Layer 3'' tab:<br />
<br />
* '''Layer 3 Security:''' Web Policy<br />
* '''Authentication:''' Enabled <br />
* '''Pre-Authentication ACL (if Local):''' Guest Wi-Fi<br />
* '''WebAuth FlexACL (if FlexConnect):''' Guest Wi-Fi<br />
* '''Override Global Config:''' Disabled<br />
<br />
[[File:CISCO Security Layer 3.png|800px]]<br />
<br />
=== Security AAA Servers ===<br />
<br />
On the Security > AAA Servers tab:<br />
<br />
'''Authentication Servers:''' Enabled<br />
'''Server 1:''' Select RADIUS authentication server created before<br />
'''Accounting Servers:''' Enabled<br />
'''Server 1''': Select RADIUS accounting server created before<br />
'''Interim Update:''' Enabled –Interim Interval: 600 <br />
* '''Authentication priority order for web-auth user'''<br />
** '''Not Used:''' LOCAL, LDAP <br />
** '''Order used for Authentication:''' RADIUS <br />
<br />
[[File:CISCO Security AAA Servers.png|800px]]<br />
<br />
== Management ==<br />
<br />
Next, click ''Management'' at the top then ''HTTP-HTTPS'' on the left. Configure with:<br />
<br />
* '''WebAuth SecureWeb:''' Disabled<br />
* '''HTTPS Redirection:''' Disabled<br />
<br />
Click ''Controller'' at the top then ''interfaces'' on the left. Configure with:<br />
<br />
* '''IP Address:''' Set your IP address (''e.g. 192.0.2.1'')<br />
<br />
Click ''Apply'' to save and then ''Save Configuration'' at the top right.<br />
<br />
'''''Note:''''' for all the features to work, your controller must be rebooted.<br />
<br />
== Customer Parameters ==<br />
<br />
The summary of customer specific parameters is:<br />
<br />
'''Basic Settings'''<br />
* '''Redirection URL:''' the provided captive portal login URL<br />
<br />
* '''RADIUS'''<br />
** '''Authentication'''<br />
*** '''Server IP Address:''' You can check the IP for your region at our [[Captive_Portal#Configuration_Parameters | Captive Portal Configuration Page]]<br />
*** '''Shared Secret:''' Provided by CoffeeBean<br />
*** '''Port:''' 1812<br />
** '''Accounting'''<br />
*** '''Server IP Address:''' You can check the IP for your region at our [[Captive_Portal#Configuration_Parameters | Captive Portal Configuration Page]]<br />
*** '''Shared Secret:''' Provided by CoffeeBean<br />
*** '''Port:''' 1813<br />
* '''Access Control List:''' A regularly updated list of these domains can be found at [[Walled_Garden_for_the_Social_Login#Walled_Garden_by_domain_names | our Walled Garden Page]]<br />
* '''Captive Portal'''<br />
** '''External Webauth URL:''' Captive Portal Login URL provided by CoffeeBean</div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=File:CISCO_Security_AAA_Servers.pngFile:CISCO Security AAA Servers.png2019-05-07T13:09:28Z<p>Vicente.santos: </p>
<hr />
<div></div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=File:CISCO_Security_Layer_3.pngFile:CISCO Security Layer 3.png2019-05-07T13:04:47Z<p>Vicente.santos: </p>
<hr />
<div></div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=File:CISCO_Security_Layer_2.pngFile:CISCO Security Layer 2.png2019-05-07T13:03:11Z<p>Vicente.santos: </p>
<hr />
<div></div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=File:CISCO_Security_Layer_1.pngFile:CISCO Security Layer 1.png2019-05-07T12:54:28Z<p>Vicente.santos: </p>
<hr />
<div></div>Vicente.santoshttps://dev.socialidnow.com/index.php?title=File:CISCO_WLC_WLAN_Configuration.pngFile:CISCO WLC WLAN Configuration.png2019-05-07T12:46:02Z<p>Vicente.santos: </p>
<hr />
<div></div>Vicente.santos