Understanding authentication and authorization in Brightspot

You may want to expose certain parts of your site to visitors who are logged in. To achieve this, you configure authentication and authorization settings in Brightspot, and then create a login module that you place on a login page for those visitors to log in. This topic explains the order of operations to achieve this result.

At this time, Brightspot offers two third-party authentication providers through which your site visitors can authenticate: Facebook and Google.

To configure authentication and authorization settings:

1. Add a callback API endpoint for the provider you choose. For details, see the following two topics.
   
   • Adding a Facebook callback endpoint
   • Adding a Google callback endpoint
2. Add the provider's app to Brightspot. For details, see the following two topics.
   
   • Creating a Facebook service
   • Creating a Google service
3. Configure the authentication settings. For details, see the following two topics.
   
   • Configuring Facebook authentication settings
   • Configuring Google authentication settings
4. Once you have configured authentication, configure authorization. For details, see the following topic.
   
   • Configuring authorization settings
5. Once you have configured authorization, build a login module through which your visitors can authenticate. For details, see the following topic.
   
   • Login module
6. Build a login page to which you can direct visitors that hosts the login module. For details, see the following topic.
   
   • Login page
7. (Optional) Add a button to the login page to your site's navigation. For details, see the following topic.
   
   • Creating a navigation