This article provides the steps to enable guest authentication with Facebook and Google+.
|Notes & Requirements|
Table of Contents
Social media guest authentication can be enabled to allow clients to login to a guest network using their Facebook or Google+ credentials. Start by creating a facebook app, google+ API login, or both.
Facebook App Setup
1. Register a Facebook App
Use the guide HERE to register a Facebook authentication app. Step 4 asks the user to choose a platform for the application. Select Facebook Canvas.
2. Complete Facebook Canvas Quick Start.
You will be directed to the Quick Start for Facebook Canvas. Enter an App Name in the provided file to begin. After completing the Quick Start, click Skip to Developer Dashboard to continue.
3. Go to Settings
Click Settings in the sidebar to open up the basic app settings:
4. Edit Settings
Settings in Green are established by the Facebook development tool:
- App ID: Number assigned to your app. Will be used in UniFi Controller setup.
- App Secret: Password assigned to your app. Will be used in UniFi Controller setup.
- Canvas Page: Automatically reflects the app Namespace.
Settings in Blue are admin-specified, and should be chosen to reflect your preferences:
- Display Name: This name be displayed when clients authorize via Facebook.
- Namespace: This name will appear in the URL when clients authorize via Facebook.
- Contact Email: use an email that the admin has access to.
- Terms of Service URL: Optional. Include URL of the network’s Terms of Service here.
Settings in Orange must be correctly entered for proper functionality
- App Domains: Enter your controller subdomain here.
- Secure Canvas URL: Enter your domain here.
- Mobile Site URL: Enter your domain here.
Toggles on this page may be left on NO. Click Save Changes to apply the settings.
5. Add Product
Next, click Add Product, then Facebook Login to create the login page.
6. Add Controller Subdomain and Port
Under Facebook Login Settings, include the controller subdomain along with port 8880 (Or 8843 if you are using Secure Portal), and use the following toggle options:
7. Save Changes
Click Save Changes to apply the settings. If you are setting up Google authentication as well, continue reading. Otherwise, skip to Controller Setup.
Google+ API Setup
1. Enable Google Login
Use the Enable the Google+ API Guide HERE to enable Google login.
Step 6a in the above guide prompts the admin to enter the app origin. In this case, it will be the subdomain, followed by port 8880. Note the Client ID and Client Secret, which will be used later in the Controller Setup.
If client device gets a redirect error after setup, add the redirect URI below under "Authorized redirect URIs" in the above step:
UniFi Controller Setup
1. Activate Guest Policies
Once you have configured your Facebook or Google app, open your publicly hosted controller. Begin by activating Guest Policies.
2. Configure the Guest Portal
Next, open the Guest Control tab to configure the guest portal. Select Hotspot authentication. If you wish, enter a Promotional URL to forward clients to your website after they are authenticated. Select Redirect using hostname, and enter your controller subdomain. Select Enable HTTPS Redirection.
3. Activate Third Party Authentication Method
Under Hotspot, select the third party authentication methods that you wish to activate. Enter the ID and Secret for the selected app(s).
4. Add Facebook's Public IPs
Under Access Control, add the following list of public IPs that Facebook uses:
5. Test the Guest Network
Finally, use a device to connect to the guest network and verify that the guest portal works properly.