Creating portals with authentication

Example 1

Consider the following example:

You want to use a Platform portal to allow non-Platform users to respond to an invitation to an event. Each invited person can log in to the portal and indicate whether they will attend the event.

To build such a portal, create the following:

• An object named Invitee with the Portal User and Contact attributes. See Creating a portal user for details about creating this type of user account.
• A Radio Button field in the Invitee object named Will Attend with the values Yes and No.
• A record of the Invitee type for each person to invite, including the Login Name and Password fields.
• On the Invitee object, set the Portal User permissions to View and Edit.

The next step is to create a portal and portal pages. The following graphic illustrates the required portal pages and the typical navigation between them:

Add the following portal pages to the portal:

Page	Object	Page Type	Description	Authentication Required
Main	None	Generic	Links to the Login page	No
Login page	Invitee	Login Form	Allows a registered invitee to log in to the portal; destination page is the Invitation Response page	No
Invitation Response page	Invitee	Object Edit	Allows a logged-in invitee to select a Yes or No button and submit the response	Yes

Now, each invitee can log in to the portal and submit a response to the invitation.

Example 2

Consider the following, more complex example, where a portal user can:

• Register for access to a portal.
• Log in to that portal through a login form.
• View his/her information.
• Create comments.
• View the list of his/her own comments (but not comments created by other visitors).

To build such a portal, create the following:

• An object named Visitor with the Portal User and Contact attributes. See Creating a portal user for details about creating this type of user account.
• An object named Comment with a Text Area field.
• A one-to-many relationship between Visitor and Comment.

The next step is to create a portal and several portal pages. The following graphic illustrates the required portal pages and the typical navigation between them:

Add the following portal pages to the portal:

Page	Object	Page Type	Description	Authentication Required
Main	None	Generic	Links to the Login and Self-Registration pages	No
Self-Registration	Visitor	Object Create	Allows a new visitor to enter some personal info, including login name and password	No
Login Page	Visitor	Login Form	Allows a registered visitor to log in to the portal	No
Visitor View	Visitor	Object View	Displays personal information and a list of comments created by the current visitor	Yes
Edit Visitor	Visitor	Object Edit	Allows an existing visitor to change some personal information including the login name and password	Yes
Create Comment	Comment	Object Create	Allows the creation of a new Comment record. The current visitor is automatically related to the new Comment record (and vice versa).	Yes

This portal has the following requirements for permissions:

• Portal users can create, view and edit their own personal visitor information (their own record).
• Portal users cannot access personal records of other visitors.
• Portal users can create and view (and optionally edit and delete) their own comments.
• Portal users cannot access comments created by other visitors.

To satisfy these requirements, you would set the following permissions on the Visitor and Comment objects:

Object	Role	Access Granted
Visitor	Portal User	Create
Visitor	Record Creator	View, Edit
Comment	Portal User	Create
Comment	Record Creator	View

In this design, any portal user can create a new Visitor record - this represents self-registration. But the View privilege is granted only to the Record Creator. This means that an authenticated visitor can only view their own personal record. If a visitor tries to access data of another visitor, they'll be denied access.

You can assign permissions to the Record Creator role from the Permissions section of an object definition's details page.

You can assign permissions through the relationship between the current user and records the same way as you can between a regular user and records (see Role-based access control).

Activating a Portal User

Portal users can be activated by using an activation link sent to the portal user's email address. See Configuring Portal Password Authentication Profile, for more information on configuring password for any portal user.

When a new portal user is created, a welcome email along with an activation link is sent to the portal user's email address under the following conditions:

1. Ensure the Password field is empty. This is available on enabling the Portal User attribute of the object.

2. Provide an Email Address. This is available on enabling the Contact attribute of the object.

3. Ensure the Is Active field is set to true. This is field is available if the Portal User attribute is enabled for an object. If Is Active is set to false, no welcome email is sent.

Forget Password for a Portal User

Existing users can use the Forgot Password to receive an email with the activation link to reset their password. On successful password reset, it redirects to the Portal URL. This URL is configured in the portalLink_field for the corresponding Portal User record. If not configured, it redirects to the loginExpired.jsp page without any portal login.

Disabling a Portal User

To disable a portal user, uncheck the Is Active checkbox and save the record. This also clears the existing password. However, re-enabling the Is Active field sends a new welcome mail.

Reset Password for a Portal User

The end-users can utilize the above forgot password to reset the user. If the administrator requires resetting the password, follow these steps:

1. Disable the portal user with Is Active field set to false.

2. Re-enable the user using Is Active field set to true.

This resets the portal password and the portal user receives a new welcome email with the activation link.