
Security API - What is needed to integrate with the Pugpig security API

Written by Benji Weiser

Updated at March 3rd, 2023

Below is a list of what we need to integrate your authentication service with Pugpig. This work is typically covered by Kaldor under a Pugpig Authentication Pack.

Before integration work can begin we need:

• Confirmation of whether you are using a web-based OAuth/PKCE authentication flow for the sign-in step (which we recommend) instead of a direct API call. If you are using the web-based flow, you will also need to read and understand this document:

  https://docs.pugpig.com/en_US/360013591298-Web-based-authentication-integrations-in-Pugpig-apps-using-PKCE

• An HTTPS API that can be accessed from our Distribution platform. At a minimum we need:

  • If NOT using a PKCE flow, the ability to send user credentials to the API (usually username/email and password, as well as a unique device ID), with the API responding with yes, no, or more information about the user's entitlements. Ideally the login call returns a token, which can be used for subsequent calls to the API. This is called when a user signs into the app.
  • An entitlements endpoint that takes the user token and returns information about the user's entitlements. This is called every time a user opens the app.
• High-level documentation explaining the API. For example, explain whether the system is access based (an active user gets all content) or issue/time based (an active user only gets a limited set of editions).
• Access to a working endpoint. This can be a staging or production endpoint. Production is safe because the integration only makes read-only calls; it doesn't write or change any data.
• An example of every kind of user you have (active/lapsed/blacklisted/print only/etc.).
• Any business rules explaining how we should interpret the responses, although hopefully most of this is handled by the origin subscription system.
• Session times should be infinite, or otherwise very long, so that users do not get logged out.
• If the endpoint is restricted by IP address, and Kaldor are doing the integration on the Clouds Distribution Platform, you'll need to open access to our IP addresses: https://docs.pugpig.com/urls-domains-and-linking/208008576-Distribution-Overview-Pugpig-IP-ranges
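
A minimal sketch of the direct (non-PKCE) contract described in the list above, added here as an illustration and not Pugpig's or Kaldor's code: a sign-in call that exchanges credentials and a device ID for a token, and a read-only entitlements call keyed on that token. All function names, field names, account states and sample users are hypothetical and constructed for the example, which models an issue-based system.

```python
import hashlib
import hmac
import secrets

def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def _user(password, status, editions):
    salt = secrets.token_bytes(16)
    return {"salt": salt, "hash": _pw_hash(password, salt),
            "status": status, "editions": editions}

# Constructed sample accounts: one per kind of user the integration must recognise.
USERS = {
    "active@example.com": _user("pw-active", "active", ["2023-02", "2023-03"]),
    "lapsed@example.com": _user("pw-lapsed", "lapsed", []),
    "print@example.com": _user("pw-print", "print_only", []),
}
SESSIONS = {}  # sha256(token) -> (username, device_id); no expiry, sessions are long-lived

def login(username, password, device_id):
    """Sign-in call: verifies credentials once and returns an opaque token."""
    user = USERS.get(username)
    # Hash even for unknown users so response time does not reveal valid usernames.
    candidate = _pw_hash(password, user["salt"] if user else b"\0" * 16)
    if not user or not hmac.compare_digest(candidate, user["hash"]):
        return {"authenticated": False}
    token = secrets.token_urlsafe(32)
    # Store only a digest of the token, so a leaked session table cannot be replayed.
    SESSIONS[hashlib.sha256(token.encode()).hexdigest()] = (username, device_id)
    return {"authenticated": True, "token": token}

def entitlements(token):
    """Read-only call made on every app open; the password is never sent again."""
    session = SESSIONS.get(hashlib.sha256(token.encode()).hexdigest())
    if session is None:
        return {"authenticated": False, "status": "unknown", "editions": []}
    user = USERS[session[0]]
    # Issue-based model: only an active user receives the listed editions.
    editions = user["editions"] if user["status"] == "active" else []
    return {"authenticated": True, "status": user["status"], "editions": editions}
```

An access-based system would return a single "all content" flag for active users instead of the edition list.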