This method is similar to the login method. It can be used to authenticate and establish a session for a user who is in the Luminate Online constituent database, but who has not logged in to the site for the first time. This method takes an organization-specific combination of attributes (such as membership number and zip code) to authenticate the user and establish a session.
| Client Servlet | Server Servlet | HTTP Methods Supported | Requires Authentication |
|---|---|---|---|
| CRConsAPI | SRConsAPI | POST | Server. |
The authenticateUser method is similar to the login method. It can be used to log in a user and establish a session with Luminate Online using an alternative means of authentication, such as a name and membership ID number, if that user has never logged in before and has not established a user name and password on the system.
To use this method, you must first define which columns in your constituent database to use for authentication. Under Setup/Database Configuration, check "Use for Authentication" next to the columns to use, and note the Column Names, which you will use as parameters when calling this method. If no fields in the database are marked "Use for Authentication," this method returns the following error: "No fields are configured to support authentication."
You may not have access to modify your site's Database Configuration. If not, you must open a case with Support specifying which Constituent profile fields you want flagged "Use for Authentication," and requesting the column names of those fields to use in the API call.
See topic Common Parameters.
See topic Common Parameters.
See topic HTTP Status Codes.
XML response
<?xml version="1.0" encoding="UTF-8"?>
<loginResponse xsi:schemaLocation="http://convio.com/crm/v1.0 http://service.convio.net/xmlschema/crm.public.v1.xsd" xmlns="http://convio.com/crm/v1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<cons_id>1001002</cons_id>
<timestamp>1454341434</timestamp>
<signature>52a4fa3790b63458a2b0abdb1b70d52d</signature>
<token xsi:nil="true"/>
<nonce xsi:nil="true"/>
<JSESSIONID xsi:nil="true"/>
<routing_id xsi:nil="true"/>
</loginResponse>
JSON response
{"loginResponse":{"routing_id":null,"timestamp":"1454341434","JSESSIONID":null,"nonce":null,"token":null,"cons_id":"1001002","signature":"52a4fa3790b63458a2b0abdb1b70d52d"}}
A user may be recorded in the database without ever having logged in to the system. They have a membership card that uniquely identifies the account information and that is considered relatively secure. In actual usage, it is a best practice to require at least 2 pieces of information from the user to authenticate (e.g. last name and membership number).
The solution in this scenario is to design a secure form that uses POST to the authenticateUser method at this URL:
https://securex.convio.net/[org]/site/CRConsAPI
The form should look something like this:
<form method="post" action="https://securex.convio.net/yoursite/site/CRConsAPI">
<input type="hidden" name="api_key" id="api_key" value="open" />
<input type="hidden" name="v" id="v" value="1.0" />
<input type="hidden" name="method" id="method" value="authenticateUser" />
<input type="hidden" name="success_redirect" value="http://yourothersite.org/login_page.html?cons_id=" >
<input type="hidden" name="error_redirect" value="http://yourothersite.org/login_page.html?code=&message=" >
<input type="hidden" name="sign_redirects" id="sign_redirects" value="true" />
<table>
<tr>
<td>Last Name:</td>
<td><input name="last_name" type="text" size="15" maxlength="100"></td>
<tr>
<td>Membership Number:</td>
<td><input name="member_id" type="text" size="15" maxlength="100"></td>
</tr>
</table>
<input type="submit" value="Submit" name="Submit" />
</form>
The Input fields displayed to the user will be based on site-specific configuration in the Constituent Database (used for Authentication flag). Typically, this configuration should be done by Support.
Comments