CloudBlue Commerce provides the ability to log in from an external system UI to the CloudBlue Commerce control panel using the login name of a user and a shared secret.
A shared secret is a password which is shared between the external system and CloudBlue Commerce.
This login method is disabled by default. It can be enabled by a vendor (provider or reseller) for staff members of direct child customer accounts. To enable this login method, a vendor must specify a shared secret in CloudBlue Commerce. To disable this login method, a shared secret needs to be removed from CloudBlue Commerce.
To obtain instructions on how to manage a shared secret, refer to the Managing a Shared Secret section.
To log in to the control panel using the shared secret login method, a browser must be redirected to the following URL:
BRAND_ACCESS_URL/servlet/Turbine/frm/single/event1234submit/doLoginbysecret/action/pcp.PLoginHandler
where the BRAND_ACCESS_URL parameter is the URL for accessing a brand, for example https://cp.brand.acom
The following parameters must be passed to CloudBlue Commerce in the POST and GET HTTP requests:
user: the login name of a staff membersecret: the shared secret
Example of the GET HTTP request
https://cp.brand.acom/servlet/Turbine/frm/single/event1234submit/doLoginbysecret/action/pcp.PLoginHandler?user=staffmember01&secret=sharedsecret
When a staff member tries to log in to the control panel using the shared secret login method, CloudBlue Commerce verifies that the following conditions are true:
- The passed login name exists in CloudBlue Commerce
- The passed shared secret is valid
- The IP address of a client is allowed according to filtering rules
- When an HTTP request is passed through a chain of proxy servers, the IP addresses of each proxy server are allowed according to filtering rules
To obtain instructions on how to configure the filtering rules, refer to the Configuring Filtering Rules section.