Summary:
In this community article, we will look at the steps involved in setting up Guest Portal authentication via Social Media Login, in this case via LinkedIn.
Question:
How is this different from traditional Guest Access authentication methods?
- This method is designed for authenticating guest users logging in through the captive portal with their Social Media Accounts, such as Google, Facebook, LinkedIn and Twitter.
Note: Guests must re-authenticate after the session ends.
Customer Environment:
- SmartZone/Virtual SmartZone [Essentials/High-Scale] (Controller), version 6.1. 0.0.935.
- R610 (Access Point)
Setup Procedure:
- In the vSZ/SZ GUI, navigate to ‘Security – Authentication’ and select ‘Non-Proxy (Social Login).
- Select your AP zone from the left-hand side menu and click on the ‘Create’ button.
![PraveenJacob_98-1654533209278.png PraveenJacob_98-1654533209278.png](/t5/image/serverpage/image-id/2705iE4D50639FA92C512/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Provide a name for your ‘Social Media Login Profile’. In this example, this is called ‘RuckusLinkedin’.
![PraveenJacob_99-1654533340950.png PraveenJacob_99-1654533340950.png](/t5/image/serverpage/image-id/2706i0C77698A3B9FE7DF/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Select the click ‘here’ button to generate your LinkedIn Client ID and LinkedIn Secret.
![PraveenJacob_100-1654533416506.png PraveenJacob_100-1654533416506.png](/t5/image/serverpage/image-id/2707i65A7A7A769D106E2/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- This action will redirect you to your LinkedIn Developers account, which you will need to create your custom app. The URL is https://www.linkedin.com/developers/login.
- Once authenticated to your LinkedIn account, please select the ‘Create App’ button under the ‘My Apps’ menu.
![PraveenJacob_101-1654533490007.png PraveenJacob_101-1654533490007.png](/t5/image/serverpage/image-id/2708iB5AE2077B64715ED/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- The first step to creating your own app is to provide an ‘App name*’ as shown in the image below. In this example, this is named ‘RuckusLinkedIn’.
![PraveenJacob_102-1654533525014.png PraveenJacob_102-1654533525014.png](/t5/image/serverpage/image-id/2709iBCF943464076FE9C/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Next, select a “LinkedIn Page*” associated with your organization. In this test case, this is ‘Ruckus Networks’.
![PraveenJacob_103-1654533566357.png PraveenJacob_103-1654533566357.png](/t5/image/serverpage/image-id/2710iA39B1C7C653382EA/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Next, we can upload a custom logo as required in the ‘App logo*’ section of the same page.
- Use the ‘Upload a logo’ button.
![PraveenJacob_104-1654533611666.png PraveenJacob_104-1654533611666.png](/t5/image/serverpage/image-id/2711iE55F8AF475A37A29/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- The privacy policy URL is optional, and, in this example, this is left untouched.
- Accept the ‘Legal Agreement’ and then click on the ‘Create App’ button.
![PraveenJacob_105-1654533654056.png PraveenJacob_105-1654533654056.png](/t5/image/serverpage/image-id/2712iF2BC9B5BDBE868F4/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- The created app is now visible as seen below. Click on the ‘Verify’ button to complete the App verification process.
![PraveenJacob_106-1654533686134.png PraveenJacob_106-1654533686134.png](/t5/image/serverpage/image-id/2713i2697655BF1C7124D/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- In the next window, click on the ‘Generate URL’ button under the ‘Verification URL’ tab.
![PraveenJacob_107-1654533782052.png PraveenJacob_107-1654533782052.png](/t5/image/serverpage/image-id/2714i486045FEC27864D7/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Click on the ‘I’m done’ button in the next window to complete the verification.
![PraveenJacob_108-1654533823451.png PraveenJacob_108-1654533823451.png](/t5/image/serverpage/image-id/2715i124FD201A8B47AC8/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Select the ‘Auth’ tab and add the ‘Redirect URL’ for LinkedIn under the ‘Authorized redirect URLs for your app’ section.
- The redirect URL for LinkedIn is ‘https://ap.ruckus.com:9998/linkedinHandler’.
- Click on ‘Update’ to complete this configuration.
![PraveenJacob_109-1654533866046.png PraveenJacob_109-1654533866046.png](/t5/image/serverpage/image-id/2716i39DB483F06A48562/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Select the ‘Products’ tab and select the ‘Sign In with Linkedin’ product.
![PraveenJacob_110-1654533909503.png PraveenJacob_110-1654533909503.png](/t5/image/serverpage/image-id/2717iF933A4791552B9C0/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Complete this step by accepting the ‘Legal Agreement‘ and finish by clicking the ‘Add product’ button as shown below.
![PraveenJacob_111-1654533958358.png PraveenJacob_111-1654533958358.png](/t5/image/serverpage/image-id/2718i330EB72E90360938/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- The ‘Added Product’ is now visible in the ‘Added Products’ section as shown below.
![PraveenJacob_112-1654534016989.png PraveenJacob_112-1654534016989.png](/t5/image/serverpage/image-id/2719iA16BB500B189B5AA/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Select the ‘Auth’ tab and copy the ‘Client ID’ and ‘Client Secret’.
![PraveenJacob_113-1654534065015.png PraveenJacob_113-1654534065015.png](/t5/image/serverpage/image-id/2720i573AD3E05E2456BD/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Input the copied ‘Client ID’ and ‘Client Secret’ onto the ‘Social Auth Options’ in the SZ/vSZ GUI.
![PraveenJacob_114-1654534093558.png PraveenJacob_114-1654534093558.png](/t5/image/serverpage/image-id/2721i043447EB88503230/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Add the following domains to the list of the ‘Whitelisted Domain’ in the ‘Create Social Media Login Profile’.
- *.linkedin.com
- *.licdn.com
![PraveenJacob_115-1654534150173.png PraveenJacob_115-1654534150173.png](/t5/image/serverpage/image-id/2722i228EE89A9B8F396B/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Next step is to create a ‘Guest Access’ portal under for our Guest users, under Services.
![PraveenJacob_116-1654534238833.png PraveenJacob_116-1654534238833.png](/t5/image/serverpage/image-id/2723iC6BCC1C977AFD895/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- In this example, this is named “Guest_portal_123”. Click ‘Ok’ to save the Guest Access portal configuration.
![PraveenJacob_117-1654534380443.png PraveenJacob_117-1654534380443.png](/t5/image/serverpage/image-id/2724i518B8A00167EF7BE/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Next, create the concerned ‘Guest Access’ WLAN for our Guest users.
- In this example, the WLAN is named ‘Guest_Access_123’.
- Select the following parameter for Authentication Options - Guest Access.
- Select the required ‘Encryption Options’. In this example, WPA2 & Passphrase is deployed.
![PraveenJacob_118-1654534413331.png PraveenJacob_118-1654534413331.png](/t5/image/serverpage/image-id/2725i6F3517ACDEBE1027/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- Under ‘Guest Access Portal’ section in the ‘Create WLAN Configuration’ window select ‘Guest Access/Social Media Login’ and assign the ‘Social Media profile’ and ‘Guest Portal Service’ previously configured.
![PraveenJacob_119-1654534450799.png PraveenJacob_119-1654534450799.png](/t5/image/serverpage/image-id/2726i9750FC0830D8CDCB/image-size/medium/is-moderation-mode/true?v=v2&px=400)
- For this example, all other settings including VLAN assignment for end-user devices are set to the default values.
- Now, click ‘OK’.
Sample of client login page:
![PraveenJacob_120-1654534481014.png PraveenJacob_120-1654534481014.png](/t5/image/serverpage/image-id/2727i2E59C92096C741F2/image-size/medium/is-moderation-mode/true?v=v2&px=400)