• Home
  • Pugpig Bolt
  • Authentication and Subscriptions

Security API - What is needed to integrate with the Pugpig security API

Written by Benji Weiser

Updated at March 3rd, 2023

  • Pugpig Bolt
    Bolt apps Content and Workflows Bolt CMS Pugpig Distribution Service URLs, Domains and Linking Bolt Search Authentication and Subscriptions Bolt Analytics Push notifications Bolt Release Notes Debugging Advertising App stores Consent management
  • Pugpig Site
    Site Search URLs, Domains and Linking Content Management System Analytics SEO Advertising Consent Management Platform Site Release Notes Debugging Authentication and Subscriptions
  • Pugpig Archive
  • Working with Pugpig
    Pugpig Support Releasing new versions Pugpig Packs & Agreements Pugpig Policies
  • Pugpig Consulting
+ More

Below is a list of what we need to integrate your authentication service with Pugpig, this work is typically covered by Kaldor under a Pugpig Authentication Pack. 

Before integration work can begin we need:

  • Confirmation if you are using a web based authentication OAuth/PKCE flow for the sign step (which we recommend) instead of a direct API call, you will also need to read and understand this document:

    https://docs.pugpig.com/en_US/360013591298-Web-based-authentication-integrations-in-Pugpig-apps-using-PKCE

  • An HTTPS API that can be accessed from our Distribution platform. At a minimum we need:

    • if NOT using a PKCE flow the ability to send user credentials to the API (usually username/email and password as well as a unique device ID), with the API responding returning yes, no or more information about their entitlements. Ideally the login call returns a token, which can be used for subsequent calls to the API. This is called when a user signs into the app.
    • an entitlements endpoint that takes the user token and returns information about the users entitlements. This is called every time a user opens the app.
  • High level documentation explaining the API. For example, explain if the system is access based (an active user gets all content) or issue/time based (an active user only gets a limited set of editions).
  • Access to a working endpoint - this can be a staging or production endpoint. Production is safe as the integration only makes read only calls. It doesn't write or change any data
  • An example of every kind of user you have (active/lapsed/blacklisted/print only/etc/etc)
  • Any business rules explaining how we should interpret the responses, although hopefully most of this is handled by the origin subscription system
  • Sessions times should be infinite, or otherwise very long, so that users do not get logged out
  • If the endpoint is restricted by IP address, and Kaldor are doing the integration on the Clouds Distribution Platform, you'll need to open access to our IP addresses: https://docs.pugpig.com/urls-domains-and-linking/208008576-Distribution-Overview-Pugpig-IP-ranges
integrate security api

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Web-based authentication integrations in Pugpig apps using PKCE
  • In-app purchases and cross entitlement
  • Bolt Metered Paywall
pugpig logo white
Navigation
  • Products
  • Customers
  • News
  • Podcast
Contact
  • Contact us
  • LinkedIn
  • Twitter
Technical Support
  • Status Page
  • Documentation
  • Customer Support
Corporate
  • Company
  • Jobs
  • Privacy Policy

© Kaldor Ltd. 2022

Powered by Pugpig

Expand