Creative community idea: virtual talent show!
Rosemary O'Neill
Community Management
-
TipsFor those that own a hoop.la site, I might make the recommendation that you research how to add a robots.txt file to your site. I ran a link checker on my SocialStrata website and I noticed there are a lot of links that would send a search...
-
Crowdstack DiscussionHi, we're planning to use your SSO to be integrated with our own registration and login system. I have a ques: how do we actually login to crowdstack from our site with the use of SSO? I checked your API calls and can see that you have endpoints for SSO member lookup as well as the login endpoint however, in your login, we need to provide the password which we don't have since we're just logging in from our site. Please let me know what do we need to do or use to achieve this. Thanks.
-
Suggestions👍We were alerted by one of our admin users that when an email notification from our crowdstack was forwarded from one user to another, the links open up to the forwarder's account without a login prompt. I am unable to pinpoint why this would occur. Can anyone help troubleshoot with me? Thank you!
-
Blog Post CommentRosemary, Any chance you guys could borrow a Nextel camera phone and do a swarm test of the moblogging bug that James and I are experiencing?
-
Blog Post CommentHi Gail, for the beta sites, only the SuperAdmin account is recognized, so you need to login with that account (you can have the SuperAdmin set up a fresh password when you're done). If you need more help with this, please email [email protected] and we can troubleshoot with you.
-
Blog Post CommentNo, I wasn't blocked. I just noticed that in the past if I signed up as a new member under my IP address on my hoop.la site using a different email address as a test member, I could not send a dialog to that test member & I attributed that to having the same IP since I was also the Admin because the system shows the registration IP & the last IP used to login. If the system however is not wired to see that as a conflict, then something else was blocking my ability to receive a dialog...
-
Topic ReplyHi @Harvey Mercado , The API is not meant to be used for Single Sign-On; rather it's more of a tool for pushing and pulling data to/from Crowdstack programmatically. Crowdstack uses SAML 2.0 for SSO, so in order to hook up your Crowdstack via SSO, you will need to implement a SAML Identity Provider on your registration and login system. In SSO mode, Crowdstack will act as a SAML Service Provider. SAML 2.0 is an open standard with tons of information widely available. You can learn more about...
-
Topic ReplyHi @Harvey Mercado , I'm not familiar with WSO2 or how it might interoperate (or not) with OpenSAML, so I don't think I can advise you on that. The basic flow is that Crowdstack will send an AuthnRequest POST to your IdP, and your IdP will need to handle the user's login (if necessary) and send a SAML Assertion POST back to Crowdstack. In order for this to work, of course, you'll need your SAML IdP to be hosted somewhere on the Internet over HTTPS. localhost won't be a viable option, of...
-
Topic ReplyHi @Harvey Mercado , You won't be able to do an IdP-initiated login request, which is what you're asking for. I wouldn't worry about this auto-sign in scenario just yet. I'd focus first on the basics of getting the SAML IdP AuthnRequest processing and Assertion response working. Get that set up and working. Then , you can start looking at how to handle automatic logins. When you get there, you'll have a couple of options: Probably the best option is to enable "Auto Sign-In Mode" in...
-
Topic ReplyHi @Harvey Mercado , There's a "backdoor" login form that you can use to sign in as an administrator to your Crowdstack: https://manchesterunity.crowds...n?showLoginForm=true You should be able to sign in there with your original Crowdstack email address and password, which should allow you in to the control panel to make further changes to your SSO integration. Hope that helps! Brian
-
Topic Reply🏆Hi Amy I'm going to answer in the support email we have going, but just in case anyone else had a similar question....go to your Settings, under Basics, and choose "Private" rather than "Public." That will put the entire community behind a login, so that "guests" or "visitors" can't see anything without registering. If you want to prevent new registrations, or limit to invitation-only, you can also go in Settings, to Registration Settings, and tick the box to restrict those options as well.
-
Topic ReplyMaybe that group of guests have visited the same server and the auto-login memo data is still ongoing, just set the logout and limit to one login device and it will work properly.