Security API - What is needed to integrate with the Pugpig security API
Below is a list of what we need to integrate your authentication service with Pugpig, this work is typically covered by Kaldor under a Pugpig Authentication Pack.
Before integration work can begin we need:
- Confirmation if you are using a web based authentication OAuth/PKCE flow for the sign step (which we recommend) instead of a direct API call, you will also need to read and understand this document:
An HTTPS API that can be accessed from our Distribution platform. At a minimum we need:
- if NOT using a PKCE flow the ability to send user credentials to the API (usually username/email and password as well as a unique device ID), with the API responding returning yes, no or more information about their entitlements. Ideally the login call returns a token, which can be used for subsequent calls to the API. This is called when a user signs into the app.
- an entitlements endpoint that takes the user token and returns information about the users entitlements. This is called every time a user opens the app.
- High level documentation explaining the API. For example, explain if the system is access based (an active user gets all content) or issue/time based (an active user only gets a limited set of editions).
- Access to a working endpoint - this can be a staging or production endpoint. Production is safe as the integration only makes read only calls. It doesn't write or change any data
- An example of every kind of user you have (active/lapsed/blacklisted/print only/etc/etc)
- Any business rules explaining how we should interpret the responses, although hopefully most of this is handled by the origin subscription system
- Sessions times should be infinite, or otherwise very long, so that users do not get logged out
- If the endpoint is restricted by IP address, and Kaldor are doing the integration on the Clouds Distribution Platform, you'll need to open access to our IP addresses: https://docs.pugpig.com/urls-domains-and-linking/208008576-Distribution-Overview-Pugpig-IP-ranges