Below is a list of what we need to integrate your authentication service with Pugpig, this work is typically covered by Kaldor under a Pugpig Authentication Pack.
Before integration work can begin we need:
- An HTTPS API that can be accessed from our Distribution platform. At a minimum we need:
- the ability to send user credentials to the API (usually username/email and password as well as a unique device ID), with the API responding returning yes, no or more information about their entitlements. Ideally the login call returns a token, which can be used for subsequent calls to the API. This is called when a user signs into the app.
- an entitlements endpoint that takes the user token and returns information about the users entitlements. This is called every time a user opens the app.
- High level documentation explaining the API. For example, explain if the system is access based (an active user gets all content) or issue/time based (an active user only gets a limited set of editions).
- Access to a working endpoint - this can be a staging or production endpoint. Production is safe as the integration only makes read only calls. It doesn't write or change any data
- An example of every kind of user you have (active/lapsed/blacklisted/print only/etc/etc)
- Any business rules explaining how we should interpret the responses, although hopefully most of this is handled by the origin subscription system
- Sessions times should be infinite, or otherwise very long, so that users do not get logged out
- If the endpoint is restricted by IP address, and Kaldor are doing the integration on the Clouds Distribution Platform, you'll need to open access to our IP addresses: https://pugpig.zendesk.com/hc/en-us/articles/208008576-Distribution-Overview-Pugpig-IP-ranges