This Help topic describes the steps for implementing guest registration using Facebook as a way to obtain end user information.
In this scenario, the Guest Registration portal provides the option to register as a guest or log into Facebook in order to complete the registration process. If the end user selects the Facebook option, Extreme Management Center OAuth to securely access the end user's Facebook account, obtain public end user data, and use that data to complete the registration process.
|NOTE:||Guest OAuth (for example, Google, Yahoo) may not support native mobile browsers and display a “user agent” error. To access the network, use a standard browser application (e.g. Google Chrome).
Guest Registration using Facebook has two main advantages:
- It provides Extreme Management Center with a higher level of user information by obtaining information from the end user's Facebook account instead of relying on information entered by the end user.
- It provides an easier registration process for the end user. Extreme Management Center retrieves the public information from the end user's Facebook account and uses that information to populate the name and email registration fields.
This topic includes information and instructions on:
- Requirements for Facebook Registration
- Creating a Facebook Application
- Portal Configuration for Facebook
- How Facebook Registration Works
- Special Deployment Considerations
These are the configuration requirements for Facebook Registration.
- The ExtremeControl engine must have Internet access in order to retrieve user information from Facebook.
- The ExtremeControl Unregistered access policy must allow access to the Facebook site (either allow all SSL or make allowances for Facebook servers).
- A Unique Facebook application must be created on the Facebook Developers page (see instructions below).
- The Portal Configuration must have Facebook Registration enabled and include the Facebook Application ID and Secret (see instructions below).
When implementing guest registration using Facebook, you must first create a Facebook application. This generates an Application ID and Application Secret that are required as part of the Extreme Management Center OAuth process. Use the following steps to create a Facebook application.
- Access the Facebook Developers page at https://developers.facebook.com/apps/. If you already have a Developers account you can log in, otherwise you must create a Developers account.
- Once logged in, click the Add a New App button.
The Add a New App window opens.
- Click the basic setup link at the bottom of the window.
The Create a New App ID window opens.
- Enter a Display Name, enter a Contact Email, and select a Category for your app.
The Display Name is the name of the app presented to the end-user when they grant Extreme Management Center access to their Facebook information and should clearly indicate what its purpose is, for example, Extreme Networks Guest Registration.
- Click Create App ID.
The Dashboard panel opens and displays information about the new app including an App ID and an App Secret.
- Select Settings in the left panel.
The Settings panel's Basic tab opens.
- Enter in a valid domain name for the ExtremeControl engines in the App Domains field. For example, if the ExtremeControl engine to which users are connecting is ExtremeControl engine.AbcCompany.com, enter "abccompany.com" in the App Domains field.
- Click Add Platform.
The Select Platform window opens.
- Select Website.
The Website panel displays on the Basic tab.
- Enter the domain name you added in the App Domains field in step 7 in the Site URL field.
- Click Save Changes.
- Click Add Product in the left panel.
The Product Setup panel opens.
- Click the Facebook Login Get Started button.
The Getting Started panel opens.
- Enter the Valid OAuth redirect URIs. A redirect URI is required to redirect the user back to the engine with an Access Token Extreme Management Center uses to access the user account and retrieve the user data. The Redirection URI should be in the following format:
A Redirection URI must be added for each ExtremeControl engine where end users can register via Facebook.
- Click Save Changes.
- Select App Review in the left panel.
The App Review panel opens.
- Click the No button in the Make <Display Name> public field to change the button to Yes.
A Confirmation window appears.
- Click Confirm.
The Approved Items section displays a list of default permissions that provide access to end user data. (For more information on setting permissions, see https://developers.facebook.com/docs/facebook-login/permissions#reference.)
Your application is created and ready to use.
You need to add the App ID and App Secret to your portal configuration.
The Application ID and Application Secret assigned during the creation of the Facebook application must be provided in the Portal Configuration in order for the entire process to complete properly.
- Open the Control > Access Control tab.
- In the left-panel tree, expand the ExtremeControl Configurations > Portal tree and select Guest Registration.
- In the Customize Fields section, click the Open Editor button to open the Manage Custom Fields window where you can change registration portal fields. Facebook registration uses only the First Name, Last Name, and Email Address fields, and the Display Acceptable Use Policy (AUP) option. All other fields only apply to regular guest registration. If the Display AUP option is selected, the captive portal verifies that the AUP has been acknowledged before redirecting the user to Facebook.
- Select the Facebook Registration checkbox.
- Enter the Facebook App ID and Facebook App Secret.
- Click Save. Warning messages display stating that Verification Method and Sponsorship are not used for Facebook registration, and that an FDQN is required will be enabled.
- Enforce the new configuration to your engines.
Once you have configured Facebook registration using the steps above, this is how the registration process works:
- The end user attempts to access an external Web site. Their HTTP traffic is redirected to the captive portal.
- In the Guest Registration Portal, the end user selects the option to register using Facebook.
- The end user is redirected to the Facebook login. If Acceptable Use Policy option is configured, the captive portal verifies that the AUP has been acknowledged before redirecting the user to Facebook.
- Once logged in, the end user is presented with the information that Extreme Management Center receives from Facebook.
- The end user grants Extreme Management Center access to the Facebook information and is redirected back to the captive portal where they see a "Registration in Progress" message.
- Facebook provides the requested information to Extreme Management Center, which uses it to populate the user registration fields.
- The registration process completes and network access is granted.
- The word "Facebook" is added to the user name so you can easily search for Facebook registration via the Registration Administration web page.
Please read through the following deployment consideration prior to configuring Facebook Registration.
To allow traffic to your network via a wireless connection, create an L7 host record for the Unregistered Role on your Wireless Controller for
facebook.com. This domain is subject to change and may vary based on location.
Facebook Registration for networks redirecting HTTP traffic to the captive portal using DNS Proxy requires additional configuration.
In order for Facebook Registration to work properly with DNS Proxy, all domains/URLs necessary to properly load the Facebook web page must be added to the Allowed URLs/Allowed Domains section of the captive portal configuration. Otherwise, the ExtremeControl engine resolves DNS queries for these components to the ExtremeControl engine IP causing the page to not load properly.
As of July 26, 2014, you must add the following domains in order for Facebook registration to work with DNS Proxy. These domains are subject to change and may vary based on location.