I developing case management application for supervisors to make some extra reports and some others staff what we need… I`m using Survey Solutions API and Rest API to get all data what is need.
Since the API only works with the API account what can see and change everything, I need to filter and display data only for the current supervisor. Is it possible to somehow check users credentials using my application’s login form so I know which supervisor is logged in?
Hello @martinb, yes, it should be possible. Best, Sergiy.
Unfortunately there is no possibility to use Survey Solutions as an authentication provider (i.e. sso/oauth flow), so you have two ‘non-ideal’ options:
implement your own authentication - your system has username/password (or whatever auth) that is independent of Survey Solutions, and you (manually) do the matching, so if I’m a supervisor with username super1 on https://demo.mysurvey.solutions you create for me a new user (username may or may not be the same) on your https://casemanagement.com, say ‘zurab’ and then link inside your casemanagement app that whenever user ‘zurab’ is logged in, he should see the data corresponding to the supervisor ‘super1’.
implement a login form where you ask your users to specify username and password from Survey Solutions instance. Then you make a request with those credentials to the server, if the credentials are correct, you can read the user’s role/other info (for example via graphql viewer endpoint), if the name/password is incorrect, Survey Solutions will return 401.
The second option sounds more convenient for you and your users as you don’t have to create completely separate authentication logic/force people to have two sets of username/passwords, but has a MAJOR security issue - you are basically creating man-in-the-middle attack vector - users credentials are ‘seen’/manipulated with another application, and of course, even if you yourself may not have malicious intent, is a place where access to the user credentials and therefore to your survey data be leaked.
There may be more issues related to security that arise/some actions you can perform to minimize the risk, but the risk is there. The 1. of course has similar problems, if you’re exporting all data and presenting in your applications reports, potentially all your survey data may be exposed to an unauthorized access.
While leaks in the option 1 may be clearer to associate, problems in the implementation of the 2. may not be immediately obvious. So I have to put the warning in writing - If you expose your survey data and user credentials in either of above ways, and something happens, you are on our own, Survey Solutions application and the team will not be able to help with that.
2nd option described here is what I had in mind. Totally agree with Zurab on all the vulnerabilities related to it and would not advise this unless these have been ruled out in a careful system design/security review. Best, Sergiy
Thank you for your quick response. I just wanted to make sure there isn`t an official way to authorize. This is all I need to know.