• Home
    • Pugpig Bolt
    • Authentication and Subscriptions

    Authentication in Pugpig Bolt

    Written by Benji Weiser

    Updated at April 8th, 2025

    • Pugpig Bolt

      • Pugpig Site

        • Pugpig Archive

          • Working with Pugpig

            • Pugpig Consulting

              Table of Contents

              User Authentication User Entitlement Article level entitlement Direct Authentication vs Store Authentication Web-based PKCE auth Cross entitlement Testing your integration Troubleshooting

              User Authentication

              Authentication verifies the identity of a user, based on matching their credentials with ones that your auth provider has securely stored somewhere.

              User Entitlement

              Once a user has been authenticated and logged in, we then need to decide what they can access. There are 2 entitlement methods that we support. 

              1. Access based
              2. Issue based

              Access based, the Netflix model, is when a user has access to everything or nothing, based solely on their subscription with you. We receive no information about any specific collections they should be able to access, only that they have access. Once the subscription expires, if they have not renewed, then they'll lose access to all content.

              Issue based is when a user only has access to specific collections. We'll receive a list of entitled collections, usually the collection ID, and we'll allow access to content based on that list. This is usually determined by the date that the user's subscription began, and unlike access based, when/if their subscription expires, they'll still have access to content published within their subscription period.

              Article level entitlement

              For issue based auth, we now support a more granular control allowing you to give users access to specific pieces of content, as well as whole editions and timelines.

              We're able to include entitlement data at the article level, which will trigger the app to check the end user's entitlements. If a matching entitlement is found, the user is granted access to the content. Otherwise, the user is shown the paywall.

              If interested, please reach out to us to discuss implementation.

               


              By default we support access based for the app stores. Please speak to us if you wish to use issue based for the stores.

              Direct Authentication vs Store Authentication

              There are 2 journeys a user can go through to authenticate.

              1. Direct through your authentication provider
              2. By subscribing in-app and going through one of the respective stores

              Almost always, if you have direct auth in your app, you'll also need store auth, because of app store regulations.

              We support authentication via the app stores out of the box, and other than configuring in-app purchases, there's no additional work to be done to get it set up.

              There are also various authentication providers that we have integrated into the Pugpig platform. If your auth solution comes from one of these providers then we may be able to get you set up with no cost or effort, just a few details. To check if your provider is one of our supported ones, check our available third party integrations article

              If your provider is not one of our supported out of the box ones, you'll likely need to purchase an Authentication Pack.

              Web-based PKCE auth

              We very strongly recommend PKCE over a native login flow. It is more secure, compliant with industry standards and best practices, integrates well with other flows and is supported by most major auth providers. It will also cost less to develop and can be rolled out faster. If you're interested in Web-based authentication integrations in Pugpig apps using PKCE we have a whole detailed doc on it.

              Cross entitlement

              It's possible for you to link in-app purchases in your app to your existing auth provider. To do so we use a method called cross entitlement (or receipt postback). This allows users to either sign in with an existing account once subscribed in app, or to create a new account, so that they can access the app on other platforms.

              Please see our cross entitlement documentation for more information, including how to set it up on your back end.

              Testing your integration

              When we set up your auth integration, we'll create an addon on your Pugpig Distribution site, where we'll configure your auth and test it.

              You can also test it on this page if you'd like using our test form. You'll be able to enter any valid login details, see what calls we're making to your auth provider, and see the responses received. This can be very useful to check where an issue lies, if there is one.

              Troubleshooting

              If something does go wrong with your auth, please see our welcome to support document which details steps to go through.

              authentication pugpig bolt

              Was this article helpful?

              Yes
              No
              Give feedback about this article

              Related Articles

              • Alternative purchasing mechanisms for Bolt apps
              • Web-based authentication integrations in Pugpig apps using PKCE
              • Adding voucher (promo) codes for your mobile or web app
              • Integrating PKCE authentication & cross entitlement for Piano
              pugpig logo white
              Navigation
              • Products
              • Customers
              • News
              • Podcast
              Contact
              • Contact us
              • LinkedIn
              • Twitter
              Technical Support
              • Status Page
              • Documentation
              • Customer Support
              Corporate
              • Company
              • Jobs
              • Privacy Policy

              © Kaldor Ltd. 2022

              Powered by Pugpig


              Knowledge Base Software powered by Helpjuice

              Expand