External/Membership Authentication Integration Specification

Summary

This document outlines the technical integration requirements for making the external/membership authentication possible.
For a deeper understanding of this feature, please see About external Authentication (xAuth)

Authentication Request

This section outlines what and how we will send to the customer’s membership application.

Protocol: Synchronous Http Get
The customer provided URL will be SSL secured and the http post will be made from Regonline’s server side code.

Payload Type: Name Value collection

The collection will look similar to the name value collection found in the Request’s form collection during a typical http get.

Fields

All String type fields will be Url Encoded and all field keys will be sent in lowercase

Field Name Type Required
eventid Integer Yes
clienteventid String No
regtypeid Integer Yes
regtypename String Yes (name on reports)
email String No
username String Yes
passwordhash String No, assumes customer application does not require password. This field will be hashed (SHA-256) to fully protect the content.
eventlang String Yes

Example Url:
https://api.customer.com/validateMember/?eventid=1234&clienteventid=1234abcd&regtypeid=333&regtypename=my+new+type&email=abcd%40someemail.com&username=coffeeAndTea1&passwordhash=securepassword&eventlang=en-US

Note: As you setup your configuration and test it by using your test account, our system will also generate a random set of credentials to your endpoint with the expectation that your endpoint will return a failed authentication. For example, if you’re using Test@Example.com/mypassword as your positive test case, we will supply a random email and password for a the negative test case. Once the test returns a successful authentication and also a failed authentication, your test is considered successful.

Authentication Response

This section outlines what and how we expect to receive any authentication response.

Note: We will only pre-populate the Personal Information page if the authentication setup requires password as part of the authentication logic. This is to protect your member’s information.

Payload Type: XML

Field Name Type Required
success Boolean Yes
errormessage String No, only if success = false
prefix String No
firstname String No
middlename String No
lastname String No
suffix String No
jobtitle String No
company String No
address1 String No
address2 String No
city String No
state String No
postalcode String No
workphone String No
homephone String No
country String No
extension String No
fax String No
mobilephone String No
emergencycontactphone String No
dob Date No
gender String No
secondaryemail String No

Example Successful Response Xml:

 
<?xml version=""1.0"" encoding=""utf-16""?>
<authresponse xmlns=""https://www.regonline.com/api"" xmlns:xsi=""https://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""https://www.w3.org/2001/XMLSchema"">
  <success>true</success>
  <errormessage><errormessage>
  <address1>123 main street</address1>
  <dob>0001-01-01T00:00:00</dob>
  <gender />
.
.
.
</authresponse>

Example Failed Response Xml:

 
<?xml version=""1.0"" encoding=""utf-16""?>
<authresponse xmlns=""https://www.regonline.com/api"" xmlns:xsi=""https://www.w3.org/2001/XMLSchema-instance"" xmlns:xsd=""https://www.w3.org/2001/XMLSchema"">
  <success>false</success>
  <errormessage>{failure error message, to be displayed to the user}</errormessage>
  <address1>123 main street</address1>
  <dob>0001-01-01T00:00:00</dob>
  <gender />
.
.
.
</authresponse>

XSD used to validate the Response XML can be found in the accompanying xAuth.xsd.

View a C# example of setting up a service on GitHub: https://github.com/regonline/xAuth-Example

Posted: December 13th, 2011

RegOnline by Lanyon is the easy-to-use, affordable online registration and event management software. Turn your next conference, meeting, trade show into a huge success. Event management solutions include online registration forms, event websites, badges, event marketing, credit card processing and so much more. Sign up today for a free trial.

TRUSTe online privacy certification Lanyon Solutions, Inc.
717 North Harwood
Dallas, Texas 75201
email: info@lanyon.com | Toll Free: 1-888-351-9948

 

© Copyright 2017 | RegOnline by Lanyon | All Rights Reserved