Authenticators are web services that are used to add authentication to Oomph apps or to provide subscription-like capabilities independently of or in conjunction with the App Store.
Authenticators can be used to support the following scenarios (among others):
- paper/digital subscription bundles
- member access to digital content
- restricted access for closed source content.
Authenticators do not replace the use of the App Store for purchasing on iOS (indeed, this would violate Apple's terms of service). Rather, they are intended to augment the iOS in-app purchasing system, or to provide a mechanism for allowing access to an existing system.
How Authenticators Work
Authenticators use a two-stage process to check the status of a user. The user is initially authorised using a simple mobile website accessed via the app. At some later point, the app will contact your server via a web service call to verify that the user is valid.
Authenticators use the concept of a receipt to track the status of a user. A receipt is an arbitrary string generated by your system that can be used to uniquely identify a user. The receipt is sent to the app and stored on the device when the user initially authenticates. It is then passed to your server when the Oomph app needs to verify whether or not the user is allowed access to publications.
Read more about the authenticator workflow.
Implementing an Authenticator
There are several steps you must perform to successfully implement an authenticator:
- You must choose the type of authenticator to implement.
- Determine how you will build the receipt, which is an arbitrary string generated by your server that can be used to uniquely identify a user.
- See Receipts
- See Receipts
- Build a mobile website (msite) that is displayed to the user inside the app. The msite is used to retrieve the user's details, and provides the user feedback on their authentication status
- See Msite
- See Msite
- Deploy a web service API endpoint on your server that implements our verification API.
- See Verification API
- See Verification API
- Configure the URLs for your msite and verification API implementations in the Oomph dashboard.
Additional Resources
We have provided a sample implementation of both the msite and verification API in our GitHub Repository. We have also created an iPad app that can be used to test your authenticator implementation against the actual authenticator code used in the Oomph app.
This app can be made available to authenticator implementors upon request, please contact support if you require access to this tool. See the Authenticator FAQ.
Got a question? Ask a question to the Oomph Community or submit a new Support request.
Comments
0 comments
Article is closed for comments.