ProcFu Help

Authentication

Mini Apps can have one of the following authentication schemes:

Podio

With Podio authentication, users authenticate using their own Podio accounts.

OPTIONAL: If you wish to restrict which users can log in, you can also specify a users app. It needs a single-line text or email field to store the Podio user's email address.

If you're using an email field though, make sure you only ever have one email address in the field.

This is useful to allow Podio users to work in apps that they have no access to in Podio (i.e. they are not members of the space the app is in).

Note: If you do not provide a users app to map to, the authenticated user will only be able to view data they have access to in Podio (to prevent just any Podio user from accessing your app). If you do provide a users app, then the logged-in user will be able to view any data your app provides.

⚠️ All edits in the Mini App are performed in Podio as the authenticated user of the Mini App (not the ProcFu account holder). If the user does not have permissions to make edits, the edits will be made as the App instead.

Link in URL

The link authentication assumes you will be emailing your users a link to log into your Mini App.

You will require a users app with a single-line text field to store the password.

How you populate this field is up to you, but GlobiFlow will make it easier. Just make sure that each user record has a unique and secure password value.

You will also need to specify the URL Parameter to use for this password (the name of the variable in the URL that contains the password, e.g. "link").

The link to send to your users is then the link of the Mini App plus the user's specific password in the URL parameter, e.g.:

https://procfu.com/widgets/mcapp/BztLMN4lOjv8/?link=mQL5P789oprcSjSC
                                      |         |           |
                            Mini App ID         |           |
                               URL Parameter Name           |
                                        User's Password Value 

After successful login, the Podio item that matches the password will be the current reference item. For instance, if you add a Detail screen as the first screen, it will be the details of this user record, and if you add a View screen of related items in another app, those items would need a relationship field set to this user record.

All edits in the Mini App are performed in Podio as the App where the edit is taking place.

⚠️ It is important to note that links sent in email etc. can potentially leak out, so do not create complex apps allowing a lot of functionality with link authentication. This scheme is best for simple one-page "edit your record" kinds of scenarios.
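
The requirement above that each user record has a unique and secure password value can be checked before links are sent. The following is an added example, not ProcFu or GlobiFlow code: it generates link passwords from a cryptographic random source, builds the link in the format shown above, and audits existing records for missing, short or shared values. The record layout and the names item_id and link_password are assumptions made for the example.

```python
import secrets
from urllib.parse import urlencode

# Assumed shape (not ProcFu's): users-app records exported as dicts, with the
# hypothetical keys "item_id" and "link_password".
SAMPLE_RECORDS = [  # constructed sample data
    {"item_id": 101, "link_password": "mQL5P789oprcSjSC"},
    {"item_id": 102, "link_password": "welcome1"},
    {"item_id": 103, "link_password": "mQL5P789oprcSjSC"},
    {"item_id": 104, "link_password": ""},
]


def new_link_password(existing, nbytes=16):
    """Return a URL-safe value from the OS CSPRNG that is not in `existing`."""
    while True:
        token = secrets.token_urlsafe(nbytes)  # 16 bytes -> 22 characters
        if token not in existing:
            return token


def build_login_link(mini_app_url, param_name, password):
    """Append the password as the configured URL parameter, URL-encoded."""
    return f"{mini_app_url}?{urlencode({param_name: password})}"


def audit_link_passwords(records, min_length=16):
    """List (item_id, problem) for missing, short, or shared passwords."""
    findings, first_owner = [], {}
    for rec in records:
        pw = (rec.get("link_password") or "").strip()
        if not pw:
            findings.append((rec["item_id"], "missing"))
            continue
        if len(pw) < min_length:
            findings.append((rec["item_id"], "too short"))
        if pw in first_owner:
            findings.append((rec["item_id"], f"duplicate of {first_owner[pw]}"))
        else:
            first_owner[pw] = rec["item_id"]
    return findings


if __name__ == "__main__":
    for item_id, problem in audit_link_passwords(SAMPLE_RECORDS):
        print(item_id, problem)
    used = {r["link_password"] for r in SAMPLE_RECORDS}
    print(build_login_link("https://procfu.com/widgets/mcapp/BztLMN4lOjv8/",
                           "link", new_link_password(used)))
```

Replacing a record's value with a fresh one also invalidates any link already sent for that record, which is the available response when a link is known to have leaked.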

Simple Password

The simple password authentication allows all users to log in with the same password. Note that this is not very secure and should not be used for sensitive data.

You will also need to provide the password that users will need to log in.

When users go to your Mini App, they will be asked to provide this password.

All edits in the Mini App are performed in Podio as the App where the edit is taking place.

Note that there is no current item for the context, so your first screen cannot be a view of related items or an item detail directly. You would need to start the app on a public Podio view of items.

Username / Password

Username password authentication allows users to log in with a username and password unique to them.

You will require a users app with two single-line text fields: one to store the username and one to store the password.

How you populate these fields is up to you, but GlobiFlow will make it easier. Just make sure that each user record has a unique username and a secure password value.

When users go to your Mini App, they will be asked for their username and password.

After successful login, the Podio item that matches the username and password will be the current reference item.

All edits in the Mini App are performed in Podio as the App where the edit is taking place.

Google

Google is a nice and easy way to authenticate; however, we will stop just any Google user from logging in.

You will require a users app with a single-line text or email field to store the Google user's email address.

If you're using an email field though, make sure you only ever have one email address in the field.

The actual authentication is done via Google.

After successful login, the Podio item that matches the Google user's email address will be the current reference item.

2-Factor Authentication

For username/password and MySQL authentication, you have the option of adding 2FA if your app contains really sensitive information.

Simply enable the options and choose an email or mobile phone field for the verification to be sent to.

After logging in with the correct username and password, the system will either email the security code or send an SMS text with the code to the user (depending on the field you chose in the auth screen and its content).

The user will be required to enter this code before continuing.

(c) 2024 ProcFu for Podio - by Globi