Question

I just started using Caspio this week. I have a simple database project that I would like to share only with specific google users. I have successfully created a Tabular DataPage Report that is configured on the Access and Security section to Restrict Access by Requiring a Connection. The connection is successfully configured to use only Google ID Services. When I do this, any authenticated google/gmail account can be logged into my DataPage. That part works.

Ultimately, I would like to restrict the access to only specific google accounts. I can't seem to find any documentation on how to get that to work.

 

I have tried to instead create a new Authentication. One that is configured  with a Setup option of "Custom" and a User Validation Method of "ID Services Only". Then I enabled only Google ID Services, and selected by Authentication Data Source (table) to use the "social login field" of Username (as well as entering the same Client ID & Client Secret that worked in the Connection I created). But I cannot log in to the database with any of the accounts I added to the Authentication Data Source. and I've edited the DataPage's Access and Security to use this new Authentication (rather than the Connection). But when I try to authenticate, the Google login screen appears, and it accepts my passwords, but just returns me to the Caspio login page with the message "Unknown user. Contact the app administrator for assistance." at the top.

So my suspicion is that something's wrong with the record data in the authentication table I'm using as the data source.

It has only four fields:

Username Text(255) 

Password Password

Email Text (255)

Name Text (255)

For example, say I have an account with the email of bill.smith@gmail.com

I am using the Username field as the Authentications "Social login field" and I've tried populating that field with all the variations I can think of:

"bill.smith", "billsmith", "billsmith.gmail.com", "billsmith@gmail.com"

 but no matter what that contents, I still continue to get the "Unknown user. Contact the app administrator for assistance." message, after logging in successfully to that account. The Google ID Services seems to be working, but the the Caspio Authentication part doesn't.

 

So I'm stuck. Any ideas how to make this work?

 

 

 

Screen Shot 2017-04-28 at 5.35.19 PM.png

Share this post


Link to post
Share on other sites

5 answers to this question

  • 0
On 4/28/2017 at 3:37 PM, piepercfo said:

I just started using Caspio this week. I have a simple database project that I would like to share only with specific google users. I have successfully created a Tabular DataPage Report that is configured on the Access and Security section to Restrict Access by Requiring a Connection. The connection is successfully configured to use only Google ID Services. When I do this, any authenticated google/gmail account can be logged into my DataPage. That part works.

Ultimately, I would like to restrict the access to only specific google accounts. I can't seem to find any documentation on how to get that to work.

 

I have tried to instead create a new Authentication. One that is configured  with a Setup option of "Custom" and a User Validation Method of "ID Services Only". Then I enabled only Google ID Services, and selected by Authentication Data Source (table) to use the "social login field" of Username (as well as entering the same Client ID & Client Secret that worked in the Connection I created). But I cannot log in to the database with any of the accounts I added to the Authentication Data Source. and I've edited the DataPage's Access and Security to use this new Authentication (rather than the Connection). But when I try to authenticate, the Google login screen appears, and it accepts my passwords, but just returns me to the Caspio login page with the message "Unknown user. Contact the app administrator for assistance." at the top.

So my suspicion is that something's wrong with the record data in the authentication table I'm using as the data source.

It has only four fields:

Username Text(255) 

Password Password

Email Text (255)

Name Text (255)

For example, say I have an account with the email of bill.smith@gmail.com

I am using the Username field as the Authentications "Social login field" and I've tried populating that field with all the variations I can think of:

"bill.smith", "billsmith", "billsmith.gmail.com", "billsmith@gmail.com"

 but no matter what that contents, I still continue to get the "Unknown user. Contact the app administrator for assistance." message, after logging in successfully to that account. The Google ID Services seems to be working, but the the Caspio Authentication part doesn't.

 

So I'm stuck. Any ideas how to make this work?

 

 

 

Screen Shot 2017-04-28 at 5.35.19 PM.png

Hi,

I suppose that this tutorial video should be helpful.

Share this post


Link to post
Share on other sites
  • 0

Yes, I assumed that video would be helpful as well, and I did watch it before posting my question here. But unfortuntately it does not actually cover the specific question that I am asking: namely, what needs to be entered into the "Username" field of the Authenticated Data Source table for Google. You would expect that at around 3:00 minute mark it would have addressed that question, but it does not. Also, it does not cover the "ID Services only" option at all in the video. Neither is it covered in any of the Online Help Center Docs at:

http://howto.caspio.com/authentications-and-connections/setting-up-id-services/

Additionally, there does not appear to be any full documentation for Caspio available for download, nor is there any contextual help feature that documents exactly how to use the "ID Services only" option.

So while I appreciate the response to my post, that does not actually answer my question. 

My suspicion is that there is a bug in the current version of Caspio where the "ID Services only" option does not work with Google ID Services only. I could be wrong since I do not have access to any documentation, so I suppose it's possible that it actually needs some special syntax in the "Username" field to be compatible. But if that is not the case, then something is wrong with the current build. So I am wondering if anyone else has been able to make "ID Services only" work with Google.

I can make a Google "Connections" work, so I know that my application is correctly registered with Google, but the Connection's Advanced tab only allows for the creation of a "Blacklist" (which I can also make work, but which is the opposite of what I need). I would like to maintain a list of users who are allowed to connect, not a list of those who are forbidden. However, the interface on the Advanced tab for Connections is different than the interface for the Authentications tab. 

 

When creating a blacklist, it asks for the data source table, and allows you to choose from a variety of fields. When I chose the "IDService.Email" it allowed me to create a working blacklist that rejected Google users based on their email address, BUT the Authentications dialog has no such variety of field choices. It only specifies "Social login field" (whose specific meaning is not explained anywhere). Again, I would assume it would be the Google user ID without periods, but when I enter that (as explained in my first post) it doesn't work.

 

Share this post


Link to post
Share on other sites
  • 0

Got an answer to my question (Thanks so much Francis!)

I got confirmation that the "Social Login Field" is not the same as the account name or the email address. For example, the Google social login field is a text string that resembles the following: "Google:123456789012345678901"

Where it's the word "Google:" followed by a 21-digit number that uniquely identifies the Google account.

There is a specific set of steps necessary to obtain that information which is not yet documented on the Caspio Support site. As soon as I have a chance I will append the instructions here in case anyone else ever needs to do this as well.

 

However, the unfortunate problem is that this doesn't actually allow the desired results to be accomplished (specifcially: limiting access to a DataPage to specific Google users only by using "ID Service only"). This is because the method that is required to obtain the Google social login field is initiated by the google user, so it can't directly be used to create a list of allowed users because this causes a catch-22 situation where the Caspio admin/developer can't know the ID Service social login field without allowing the new user to login first, and once they do so, they are automatically added to the  authentication data source. Therefore you basically need to allow access to all google users in order to get their unique social id which would be used to limit their access. Classic chicken & the egg dilemma.

But I have an idea for how to avoid that conundrum and am working on implementing it now. Hopefully it will work...

Share this post


Link to post
Share on other sites
  • 0

I would recommend for the user registration form to create a Connection using Google ID services. You can then capture the Social Login field value. Simply include the field you wish to use to store this value on the registration page, set it to hidden, and have it receive the Unique Social Login value from the Connection fields. Here is a screenshot to help illustrate this:

 

image.png.75ddf2bf171a197188a47cec9bd6f1c8.png

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now