The Login Profile defines the identification requirements of end-users, both new users sign-up and returning users authenticating to the service.
The Login Profile must be combined with a Splash Page (which defines the page content and design) to create a complete web-based experience. Login Profiles and Splash Pages get combined when you assign them to a Location or to a Passpoitn Onboarding Portal.
Using Login Profiles
You can assign Login Profiles to Location by either editing a Location property or by assigning
Once you have a Login profile, you can assign it to a location (through the Locations section, by clicking on the left sidebar at Manage → Login Profiles) and enable there all the desired options.
Your location will be pre-configured with two login profiles (called "Click-through access" and "Username and password"). You can edit any existing Login profile or create a new one.
Delegation Options
For any option in the Login Profile editing screens, you can set the delegation options:
- If you're going to apply this setting for all your locations, then you have to set the lock option:
- If you want to let your location able to change the value assigned at the Organization level, then you have to set the unlock option:
The Login profile section consists of three tabs: Login options, Policies and Advanced.
Login options
The first option to select is the type of experience you want to create. Depending on the selected experience mode, the options available in the Login Options tab change.
- Single Step: in this case, the user is presented with only one form when using the click-through method.
In this case, you can define a Primary Sign-Up mode, choosing between username/password and click through. - Multi Step: in this experience option, you can create two different screens, with independent configurations of the form. In the experience mode, the registration with username/password is not available.
Other sections that are available in the screen independently of the Experience mode are:
- Social Login
- One-Time Password Login (you'll see this option when Kiosk is enabled and installed in your organization instance)
Single Step
PRIMARY SIGN-UP
The primary sign-up method defines the method and options to register and identify users relying on the Cloud4Wi identity management system.
You can set pick between the following options:
- Username/Password: this option enables the classic user registration form where end-users need to register and create an account with a username and password that can be used to login in a second moment
- Click-through: this option enables a passwordless approach, where end-user needs to provide the data as defined in the login profile to create an account; by default, returning devices are identified against their MAC address and authenticated/authorized with their matching account with
- None: none of the identification methods above are enabled (assuming that other options will be used).
Depending on what you configured in these sections, there may be other options to configure.
If you selected Username/Password, then the following options are available:
Username: by selecting this option you can determine how the system builds a username for a registered end-user. Options include:
- Mobile number: the username for the end-user is the mobile phone number provided during registration. If the phone number does not belong to any registered end-users, the username will be the phone number. Otherwise, if it already belongs to a registered end-user, and if the Multiple registrations of the same mobile number option is enabled, the username will consist of the provided phone number + a numeric suffix.
- Customer name: the username for the end-user is based on the first name and the last name provided. More precisely, the username will consist of: the first 6 letters of the first name (or the whole first name if it is 6 letters or less) + the "." character + the first 6 letters of the last name (or the whole last name if it 6 letters or less) + a progressive number used in order to avoid duplicate usernames
(e.g. John Doe → john.doe1 ; Alexander Smithee → alexan.smithe1) - Generated by the system: the username for the end-user is a random alphanumeric string chosen by the system.
- Email: the username is the email address of the end-user.
Allow sign-up from the Splash Page: by selecting this option, it is possible to establish whether an end-user can register through the Splash Page. Possible values for this option are:
- Yes: the end-user can register directly through the Splash Page (autonomous registration).
- No: the end-user should go to the Location Manager in person and ask for personal access credentials.
Registration fields: by selecting this option, it is possible to specify fields that will be requested from end-users in the registration form. If no fields are specified, the default registration fields will be prompted to end-users. It is possible to enable the following fields:
- First name
- Last name
- Title
- Birthday
- Gender
- Phone number
- Personal ID
- Personal ID (Brazil)
- Passport number
- Country
Mandatory registration fields: by selecting this option, you can specify which of the Registration fields specified (in the previous option) are mandatory. If you leave this empty, any field displayed to end-users is intended as optional. You can also decide to make mandatory "Email or phone".
Allow multiple accounts with the same phone number: by selecting this option, it is possible to determine if the system can accept two or more end-users with the same mobile number within the location. Possible values for this option are:
- Yes: multiple registrations with the same phone number are allowed. In this case, if Username type is set to Mobile Phone, the username will consist of the provided phone number + a numeric suffix.
- No: multiple registrations with the same phone number are not allowed. If the phone number provided is already used in the location, then the end-user receives an error until another mobile number is entered.
Allow multiple accounts with the same email: by selecting this option, you can determine if the system can accept two or more end-users with the same email address within the location. Possible values for this option are:
- Yes: multiple registrations with the same email address are allowed. In this case, if Username type is set to Email, the username will consist of the provided email address + a numeric suffix. For example: john.doe@cloud4wi.com2
- No: multiple registrations with the email address are not allowed. If the email address provided is already used in the Location, then the end-user receives an error until another email address is entered.
Show sign-up summary screen: by selecting this option, you will enable a summary screen that is shown to any end-user as soon as the sign-up form is submitted without validation errors. Here the end-user is able to check if the data are correct and decide whether to go online or go back to the sign-up form. Possible values for this option are:
- Yes: this screen is shown
- No: this screen is not shown and the end-user will go directly online after signing up
Enable self-care portal: by selecting this option, you can enable the My profile section for the Splash Page. If enabled, end-users can display and update their personal data, unregister from the service, check for active internet plans, and check the list of traffic sessions in the past. This option is not available if the Sign-up method is set to "Click-through". Possible values are:
- Yes: the My profile section is available to end-users.
- No: the My profile section is not available to end-users.
Allow password recovery from Splash Page: by selecting this option, it is possible to choose whether the password recovery is allowed for end-users or not. This is not available if the Sign-up method is set to "Click-through". Possible values are:
- Yes: end-users are able to recover passwords to access the service by clicking on the appropriate link within the Splash Page.
- No: end-users cannot automatically recover passwords and must go to the location manager in person to obtain credentials.
If you configured Click-Through, then the following options are available
Registration fields: by configuring this option, it is possible to require the end-user to enter some personal data, such as:
- First name
- Last name
- Title
- Birthday
- Gender
- Phone number
- Personal ID
- Personal ID (Brazil)
- Passport number
- Country
Mandatory registration fields: by selecting this option, you can specify which of the Registration fields specified (in the previous option) are mandatory. If you leave this empty, any field displayed to end-users is intended as optional.
If you configured None, then no further options are available
Multi Step
In the case you selected a Multi-Step experience, the following options are available.
Step 1
In the Step 1 section, you can configure the form shown to the user in the first page of the Splash Page. Other than the Attributes and Mandatory Attributes, you can select the list of opt-ins that you want to show the user in this step.
Step 2
The configuration of the Step 2, requires the definition of the form attributes and mandatory attributes, other than the opt-ins to show the user.
Note that you can publish attributes and opt-ins that have been published already in the Step 1, and their value will be pre-populated with the value the user entered in the Step 1
There are two different ways you can cofnigure the Step 2 by selecting the Type dropdown:
- subscription: in this case, the second screen will present two buttons, a submit button and a "skip" button. This operating mode is designed to prompt the user to subscribe to certain programs without making it mandatory. Note that if the form includes any mandatory attribute/opt-in, the submit button cannot be clicked unless all the form requirements have been satisfied. The user can always opt to skip.
- enrichment: in this case, the second step is used to collect further data form the user, and there is only one submit button
The Step 2 screen also includes a header part where you can configure (in each language) the text for a headline and a subtitle. This is used to explain to the user the context of the second screen (for example if you are using it to invite the user to subscribe to a loyalty program)
SOCIAL LOGIN
This sub-section allows you to enable the Social Login flow on your location.
To do that, just set Enable: Yes.
Once Social Login is enabled, you can choose to enable the integration with the following social network providers:
- GMail
- VKontakte
- Foursquare
Registration fields: by configuring this option, the user will be asked to enter the following information if it is not returned by the social network provider.
- First name
- Last name
- Title
- Birthday
- Gender
- Phone number
- Personal ID
- Personal ID (Brazil)
- Passport number
- Country
Mandatory registration fields: by selecting this option, you can specify which of the Registration fields specified (in the previous option) are mandatory. If you leave this empty, any field displayed to end-users is intended as optional.
ONE TIME PASSWORD LOGIN
If Kiosk is enabled on your organization instance, then you will see this sub-section. From here you can enable your Splash Page to accept-one time passwords designed for Kiosk.
To enable the One-time password login, just set Status: Enabled.
Policies
In this tab, you can set the options that relate to the collection of consent and acknowledgment to the service agreements.
Acceptance of Terms of Use and Privacy Policy: By configuring this option, it is possible to set the following modes of policy acceptance:
- Explicit: the end-user has to check Terms of Use and Privacy Policy before clicking the button to go online. If it does not happen, then the end-user gets an error
- Implicit: when the end-user clicks the button to go online, then it is intended that he accepted Terms of Use and Privacy Policy and no checkboxes for this will be shown to the end-user. A specific statement on the Splash Page describes this behavior without any ambiguity.
Terms of use and Privacy Policies: By configuring this option, it is possible to set the following modes of policy acceptance:
- Unified in single clause: the end-user will get a unique acceptance statement for Terms of Use and Privacy Policy.
- Implicit: the end-user will get two separate acceptance statements, one for Terms of Use and one for Privacy Policy.
Terms of Use: By configuring this option, it is possible to customize the Terms of Use clauses as described below:
- Default text: the Terms of Use of the service are the default one provided by Cloud4Wi
- Custom text: the end-user is able to customize in the Terms of Use for the service, in all the provided languages.
In case of Custom text you are required to enter a Version of your clause.
You can also check Ask your existing users to accept the new policy version again in order to ask your users to re-accept the Terms of use if the last version accepted is different from the one set in the Login Profile.
As this option affects the user experience, please use it only if you are aware of what you're doing. You can find more information here. If in doubt, do not hesitate to contact our Support Team.
Privacy Policy: By configuring this option, it is possible to customize the clauses of the Terms of Use as described below:
- Default text: the Terms of Use of the service are the default one provided by Cloud4Wi
- Custom text: the end-user is able to customize in the Terms of Use for the service, in all the provided languages.
In case of Custom text you are required to enter a Version of your clause.
You can also check Ask your existing users to accept the new policy version again in order to ask your users to re-accept the Privacy Policy if the last version accepted is different from the one set in the Login Profile.
As this option affects the user experience, please use this option only if you are aware of what you're doing. You can find more information here. If in doubt, do not hesitate to contact our Support Team.
Pre-check Terms of Use and Privacy Policy: By checking this option, Terms of Use and Privacy Policy will be checked by default on the Splash Page.
Promotional Communication Policy: by selecting this option, you can ask end-users to agree to receive marketing communications from the service provider. You can send communications using the following applications: Emails and Triggered Campaigns. Possible values are:
- No: end-users will not be asked to receive any marketing communications. End-users won’t be able to accept or decline marketing communications and will not receive them at all.
- Opt-in to receive promotional communications: end-users will be asked to click on the checkbox if he or she wants to receive marketing communications.
- Opt-out of receiving promotional communications: end-users have a choice not to click on the checkbox if he or she does not want to receive marketing communications.
If Opt-in or Opt-out are enabled, then it is also possible to choose between displaying the default text or a custom one for any supported language.
Pre-check Promotional Communication Policy: this is displayed only if Promotional Communication Policy is set to "Opt-in to receive promotional communications". If you check this option, then the marketing clause will appear checked by default on the Splash Page. Otherwise, it will not be checked.
Minimum Age Verification: by enabling this option you can ask your end-users to confirm to be older than a certain age. You can use this option to restrict your service based on the age of your end-users.
You are required to enter a Version of your age verification clause.
You can also check Ask your existing users to accept the new policy version again in order to ask your users to re-accept the age verification clause if the last version accepted is different from the one set in the Login Profile.
As this option affects the user experience, please use this option only if you are aware of what you're doing. You can find more information here. If in doubt, do not hesitate to contact our Support Team.
Custom Opt-in: this option allows you to define custom opt-in clauses that you can submit to your end-users, without any obligation of acceptance for them. When the end-user accepts one or some clauses, this information will be stored in the platform and displayed in the end-users' CSV file that you can export from the People section.
You can define up to 5 opt-in clauses simultaneously, and for each clause you have to provide:
- Terms name: an alphanumeric value (only [0-9][a-z][A-Z] accepted) that is used for inventory purposes and displayed only in the end-users' CSV file (it won't be shown to your end-users)
- Version:
- Text: you can define the text that will be displayed next to your checkboxes, for each language you set on the Splash page.
- Required: you can choose to make the acceptance mandatory for the end-user.
You can also check Ask your existing users to accept the new policy version again in order to ask your users to re-accept your custom clause if the last version accepted is different from the one set in the Login Profile.
As this option affects the user experience, please use this option only if you are aware of what you're doing. You can find more information here. If in doubt, do not hesitate to contact our Support Team.
Advanced
This section contains more advanced login option and consists of the following sub-sections:
- Access control
- Communications
- Success page
ACCESS CONTROL
This sub-section allows enabling all the features connected with access control.
Smart Authentication: this is a type of MAC authentication that ties devices to user accounts and on the second login automatically makes the authentication on behalf of users when they open the Splash Page.
If the Smart Authentication is enabled and the user previously had signed in by using the same device, then he will be automatically signed in when opening of the Splash Page, without any need of manual authentication.
Primary Sign-Up Validation: by selecting this option, it is possible to add a validation step during the registration of end-users. Possible values are:
- None: no validation step required
- Password via text message: the password is sent to the phone number provided by the end-user (available only for "Username/Password").
- Inbound text/call: the end-user is required to call or send a text message to a specified phone number in order to receive the username and the password (available only for "Username/Password").
This option enables: Enable inbound call, Enable inbound text messages (separate options to enable inbound texts, or calls, or both) - Email: a verification email is sent to the email address provided by the end-user. The user is required to check his mailbox and click on a link to unlock his account (available for "Username/Password" and "Click-Through"). Please find here an example of how it works: Set up Click-through with email verification.
- Validation code via text message: the end-user receives a text message containing the username and the verification code. The end-user has to enter the verification code to get the access (available for "Username/Password" and "Click-Through")
Social Login Validation: by selecting this option, it is possible to add a validation step when the end-user signs up through Social Login. Possible values are:
- Validation code via text message: the end-user receives a text message containing the username and the verification code. The end-user has to enter the verification code to get access.
- Send a text or call: the end-user is required to call or send a text message to a specified phone number in order to receive username and password
- None: no validation step required
Require access code for foreign users: by selecting this option you can require any end-user providing a foreign mobile country code (different than the default one set in the Preferences) to enter an identification code in order to get the access. Possible values are:
- Yes: foreign end-users are asked to enter the code
- No: this validation step is not required
Shared password: by selecting this option, it is possible to ask the end-user to enter a shared password after any successful authentication, in order to get the access. Possible values are:
- Yes: shared password is required
- No: this validation step is not required
Sponsor validation: by selecting this option you enabled the Sponsor validation that let an end-user to get the access only after having been enabled by qualified people (called "sponsor"). Possible values are:
- None: the Sponsor validation is disabled
- Multi Sponsor: Sponsor validation is enabled for some domains that you have to enter in the provided input field, separated by commas
- Single Sponsor: Sponsor validation is enabled. Only one email address is allowed to act as the sponsor, and you have to enter it in the provided input field
Please note that enabling Sponsor Validation will disable the following options:
Primary Sign-Up Validation, Social Login Validation, Require access code for foreign users, Shared password.
COMMUNICATIONS
This sub-section allows enabling the Splash Page to send e-mails to the end-user on sign-up/sign in.
Send welcome email at sign-up: by selecting this option, the Splash Page sends an e-mail on end-users' sign-up. Possible values are:
- Yes: the platform sends a welcome email on the sign-up of the user
- No: no welcome email is sent on the sign-up of the user
Send welcome email at sign-in: by selecting this option, the Splash Page sends an e-mail on end-users' sign-in. Possible values are:
- Yes: the platform sends a welcome email on user's sign-in
- No: no welcome email is sent on user's sign-in
SUCCESS PAGE
This sub-section allows enabling some behaviors after the end-user has successfully got the access.-
Show log out button: by selecting this option, you can enable the "Logout" buttons and links on the Splash Page. Possible values are:
- Yes: "Logout" buttons and links are displayed
- No: "Logout" buttons and links are not displayed
Please note that in the cases below this option will be hidden and no logout button will be displayed on the Splash Page:
- You enabled the Smart Authentication
- Your access point does not support "logout" from the web interface.
Display welcome box on landing page: by selecting this option, it is possible to show the welcome box after end-user authentication. The possible values for this option are:
- Yes: the welcome box is displayed.
- No: the welcome box is not displayed.