This is the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Authentication Providers

The options available to associations to gate your content is dependent on your Customer Management System. Currently the following options may be used to gate content within the Virtual Y website.

Personify

Single Sign On (SSO)

You may require members to log into their account within the Personify CRM system.

Daxko

Single Sign On (SSO)

You may require members to log into their account within the Daxko CRM system.

Note, Daxko API access is required. Daxko charges an API usage fee.

Barcode Validation

You may require members to enter their bar code before accessing the site. Virtual Y will validate the barcode with Daxko prior to granting access.

Set up Daxko Barcode Validation.

ReClique

Single Sign On

You may require members to log into their account within the ReClique CORE CRM system.

CSV File Uploads

CSV Upload without email verification

An association may upload a membership CSV file indicating what members may access the gated content. Members provide their email address and the Virtual Y site will validate a match before granting access.

CSV Upload with email verification

An association may upload a membership CSV file indicating what members may access the gated content. Members provide their email address and the Virtual Y site will require members access their email and click a link to gain access to the gated content.

1 - Daxko Barcode Authentication

Open Y Gated Content (Virtual Y) release 0.13 includes a new authentication provider to support Daxko Virtual Areas. This will allow associations using Daxko to set up Virtual Area that enable members to access Virtual Y content using only their member barcode!

Instructions for setting up Virtual Areas are in Daxko’s documentation. If you need assistance configuring Virtual Areas, Daxko’s support team can assist you in setup: support@daxko.com

Configuration

  1. Enable Daxko Barcode Virtual YMCA integration
  2. OPTIONAL (but highly recommended): configure reCaptcha settings at /admin/config/people/captcha/recaptcha.
  3. Add your validation secret and form url and check help messages at /admin/openy/virtual-ymca/gc-auth-settings/provider/daxkobarcode.
  4. Save your settings.
  5. Set Daxko Barcode as your main authorization plugin at the Virtual YMCA settings: /admin/openy/openy-gc-auth/settings.

Once enabled, the module enables granular configuration to messages that users will receive on the page. It allows changing “Barcode” to something different, like “Member ID”, and allows adding help text to assist members in finding their ID. It also allows for global help text to direct members to help channels in case they’re unable to log in.

The Daxko Barcode configuration form

Once the module is enabled, members will be presented with the appropriately titled field to log in to Virtual Y.

The Virtual Y login page with Daxko Barcode authentication and reCAPCHA enabled

Upon success the user will be logged in to Virtual Y. Upon failure the failure state will be returned along with a help message provided by the association.

The Virtual Y login page with an error from a failed authentication

Notes

Members with a Balance Due

Anyone with a balance due in Daxko doesn’t have access to Virtual Y [via Daxko Barcode]. A lot of the accounts with balances are families with memberships who receive state scholarships for child care. The balance in Daxko is the portion the state pays, so it’s a bit of a “fake” balance. Any way for us to allow any ACTIVE member to use [Virtual Y], regardless if they have a balance or not?

The fix:

There’s a setting on the Daxko Operations virtual area at Membership > Virtual Area > Virtual Y > Edit that you can check/uncheck for “Block access when balance due.” You can uncheck that and it should let the member access the virtual area.

2 - ReClique SSO Configuration

The ReClique Core API enables check-in access by specifying member Email address. Following are the steps necessary to fully configure the ReClique Provider.

Acquire ReClique Core API Access

To get started, you will need to do the following activities in the ReClique CORE portal, while logged in as a YMCA super admin user:

  • Locate and note your YMCA association’s YMCA ID, known within the ReClique CORE documentation as the “Association Slug”.
  • Create a separate user for executing the ReClique CORE authentication API, and grant this user API level access

In detail:

  1. Log into the ReClique Core portal using a user with YMCA super administrator role.
  2. Click “Profile” in the top-right corner of the CORE portal.
  3. The YMCA ID is the non-numeric part of the “Association Slug” in front of the numeric user id. Please note this value for use in the Verification URL. In this example, the text midtn is this association slug value, and is what is needed for the YMCA ID.
  4. Click “Users” from the navigation menu (Users > Add New User)
  5. Select the “+ Add User / Staff” button.
  6. Create a stand-alone user for the purpose of executing API calls only. A suggested name is virtual_y, but any suitable name can be used.
  7. Assign this user the API Access role by selecting “Use Core API” in the Other list of role options.

Configure the Virtual Y ReClique Provider

For the Virtual Y site to communicate with the ReClique Core API, you’ll need to configure the ReClique provider. Configuring the ReClique provider is quick and easy.

  1. Navigate to the Gated Content Auth Setting Page at Manage > Virtual Y > Virtual YMCA Settings > GC Auth Settings
    • The GC Auth Settings page, when loaded, will look like the following:
  2. Find the ReClique Provider option and click the Edit Action
  3. Enter Your ReClique Provider Settings.
    • The ReClique Provider configuration page allows specification of permission mappings, the settings for accessing the ReClique CORE authentication API, and Email Verification settings.
    1. Specify Permission Mappings
      • This is used for User Segmentation. User Segmentation will allow YMCAs to segment content to particular Virtual Y roles based on membership types. Refer to documentation from the Open Y Community for more information about Setting up user segmentation.
    2. Add ReClique CORE API settings
      • Here, you’ll add the values needed to connect to the ReClique Core API.
        FieldValue
        Verification URLThe API endpoint provided by ReClique to verify member logins. It takes the form https://{Y_ID}.recliquecore.com/ api/v1/members/virtual_y/?Email= (This is the Production verification URL)
        Authentication loginThe login for the dedicated user created with ‘Use Core API’ access in the ReClique Core portal.
        Authentication passwordThe password for the dedicated user created with ‘Use Core API’ access in the ReClique Core portal.
        ID field textThe text to be displayed on the Virtual Y login form. Default value is “Enter your Email:”
    3. Specify the Email Verification options
      • This will enable a one-time login link to be sent to the member’s email for verification. Here, you can configure the length of time the login link will last before needing to generate another, email verification text, and message displayed to the member with instructions on how to proceed with logging into the Virtual Y site.
    4. Specify the Verification Message
      • This is the message the member will see when logging in if they are Inactive. The phone number must be added at the very least.
    5. After configuring the ReClique provider, click “Save”.
    6. From the GC Auth Settings page, make sure only “ReClique Provider” is selected and click, “Save”.

Your ReClique Provider is now fully configured and is ready for use.

To test, logout from the admin portal. You should now see, from the Home Page, your new login form configured ready to accept input.

If a valid Email Address is entered and the member is Active, the member will be allowed access to your gated content (videos, blog post, virtual meetings).