brainCloud provides support for authenticating users via an external directory. This is done by implementing a custom script that acts as the integration glue between brainCloud and the external directory.
To get started, find external identities page on the brainCloud portal.
Implementation
In order to create an external authentication identity, a non-client cloud code script must be created ahead of time, brainCloud will use it to access external service. And since the cloud code will call external service by using httpClientSeviceProxy(), so you need to configure your external web service first.
Go to Design | Cloud Code | Web Services page, click [+New Service], add your external Base URL and give a name for this.
Go to Design | Cloud Code | Scripts page, click [+] to create a new script
bridge.logInfoJson("Received the postmanexternal script start...", data);
var apiToken = data.authenticationToken;
var externalId = data.externalId;
// Create a proxy to the service
var httpProxy = bridge.getHttpClientServiceProxy();
//The correct path values will be determined by your API at the server side
var path = "userinfo/fff2e452-20c3-44c0-99da-95c5fb1d6f24";
var query = {};
//depended on your server-side how to involve authenticating the sender of a request and verifying that they have permission to access or manipulate the relevant data
var headers = {};
headers.ExternAPIToken = apiToken;
// make the web call, postmanmocker is defined at Web Services portal page
var result = httpProxy.getResponseJson("postmanmocker", path, query, headers);
bridge.logInfoJson("Received the postmanexternal script after getResponseJson...", result);
// Evaluate the result and return
var retval = false;
var bcstatus = result.status;
// retval = result;
if (bcstatus === 200)
{
bcdata = result.data;
restStatus = bcdata.status;
if (restStatus == 200)
{
jsondata = bcdata.json;
//this is depended upon how your external server structures the response data for an authenticated user
userid = jsondata.userInfo.userID;
retval = (userid === externalId);
// retval = bcdata;
}
}
retval;
Note: The parameter names for script data input are “externalId” and “authenticationToken”. These parameters will be passed to the script by the client API authentication method. The script must return a boolean true or false to indicate success or failure.
Now, go back to External Identity page. Click the [ + ] at right top corner, enter a name for this new identity, from drop-down box select the external cloud code script that you just created, and click Save.
Test external authenticating on API Explore, make sure put right info as below and run it.
If you have done correctly, you should find a new user is authenticated and you can check this user's credentials from Monitoring | User Monitoring | User Summary page
And you can check your debug info from Monitoring | Global Monitoring | Recent Errors page