User Account Authentication
Introduction to how you can allow users to use their account instead of license key to get hold of their licenses.
Idea
User account authentication allows you to verify what features your customers are entitled to without using their license key. Instead, they can authenticate using their Cryptolens account. This is more secure since it is easier to protect a user account (requires a username, a password and optionally two-factor authentication) than a license key.
Another advantage of creating user accounts for your customers is that they will be able to access customer dashboard, where they can review their existing licenses as well as sign up for subscriptions (supports Stripe).
In order to get this to work, you need to send your users a specific link so that their account is associated with a customer object in the dashboard. Cryptolens will take care of the account creation process, if it is required.
Note: This tutorial focuses on authentication of users who already have an account to the customer portal. If you prefer to control the entire registration and login experience, or license your application on a per user basis, we recommend to review this article first.
Implementation
Creating a customer
The first step is to allow users to sign up for a Cryptolens account. You can either share the generic sign up link with your customers (which can be found on the left side on the customer page) or create a customer in advance either through the dashboard or through the Web API using the Add Customer method. The generic sign up link is similar to the one below:
When creating a customer in advance, you need to set EnableCustomerAssociation to true. A link will than be created similar to the one below, which should be sent to your customers.
If they do not have an account already, they will be asked to create a new one and if they are already logged in, all the licenses that they have will show up in their dashboard.
Code
Let’s suppose you want to verify that a certain user has a license key for product 3349 that has not expired and contains Feature 1. We can achieve this using the code below:
Namespaces
Verification code
To get this code to work, you need the RSAPubKey, an access token with GetToken permission and the ProductId.
- The RSAPubKey can be found on this page.
- An access token can be created here. It needs a GetToken permission.
- The product id can be found on the product page.
The code above will open a new browser window where the customer can authorize the app to retrieve the license keys. If this is successful, you should ideally record the res.LicenseKeyToken
value so that next time the application starts it is passed to existingToken
. Only if GetLicenseKeys
method is not successful when you pass in the token value should it be called again without the existingToken
specified.
Considerations
When a new device is registered with a customer, it will still be possible to activate the license key with Key.Activate
and register an additional machine code. Therefore, we recommend to use one of the eight features or a data object to differentiate between these two cases.
More information
You can read more how user account authentication works on our blog.