Module of authentication 

This chapter describes an API that makes it possible to request subscribers’ profiles, including their data and their password, by using external applications. It works like a small authentication server with basic functionalities. 

Because BACKCLICK is able to administer a mandator, it is necessary to hand over the mandator’s ID with every call on the authentication module. If no mandatory ID is handed over, BACKCLICK will assign the call to the mandatory with the ID=0. 

! PLEASE NOTE ! 

This interface may be called without any restrictions by servers as well as clients. To restrict these calls, you may enter IP addresses that are exclusively allowed to start a call (System Administration -> Basic Settings -> WebInterface). Therefore you need to mark the check box in front of the “HTTP subscriber API” to activate the text area on the righthand side. You may then enter the IP addresses. 

The following functions are supported by this API: 

• Check if entered e-mail address is subscribed on the BACKCLICK system
• Check if entered e-mail address is subscribed on to a newsletter additionally entered on the BACKCLICK system
• Check if entered e-mail address and password (combined) are subscribed on the BACKCLICK system and if the password is the same as the one saved in the system

Basics 

Every function is called by the http record. BACKCLICK will return a status code on every call. The URL for the communication is built up as described in the following: 

http://domain.customer.de/bc/servlet/web.auth?............................. 

The following values are accepted parameters: 

• EMAIL
• NEWSLETTER (ID der Verteilerliste/n)
• PASSWORD

Default parameters are always EMAIL and NEWSLETTER. 

Example:

http://domain.customer.de/bc/servlet/web.auth?EMAIL=m.jones@web.de&PASSWORD=password&MID=0

ERRORCODE: 0 -> the variable EMAIL has not been defined or is empty 

ERRORCODE: 1 -> e-mail address & password are OK 

ERRORCODE: 2 -> the entered e-mail address is syntactically wrong# 

ERRORCODE: 3 -> the variable PASSWORD has not been defined 

ERRORCODE: 4 -> the entered e-mail address is valid but the password is wrong 

ERRORCODE: 5 -> the entered e-mail address cannot be found in the system 

ERRORCODE: -100 -> Authentication function is deactivated in the system settings; please activate 

ERRORCODE: -101 -> Check configuration, no connection to the API server possible 

Deactivate authentication module in the system settings 

Checking if a handed over e-mail address is subscribed to a specially defined newsletter (mailing list) in BACKCLICK 

Example:

http://domain.customer.de/bc/servlet/web.auth?EMAIL=m.jones@web.de&PASSWORD=password&NEWSLETTER=1,2,33&MID=0

All of the status codes from 6 to 9 will be in use here. The result will be displayed for every mailing list as followed (default setting): 

LIST-ID: STATUSCODE, there will be a row for every mailing list ID. 

The ERRORCODES 0, 2, 3, and 5 (see Part 1) are in use for syntactical errors here: 

The result may look like this for the example described above (Part 2): 

1: 6 

2: 6 

33: 7 

Meaning of status codes 6–9: 

6 -> E-mail address & password OK, subscriber is subscribed to the mailing list 

7 -> E-mail address & password OK, subscriber is NOT subscribed to the mailing list 

8 -> the entered password is wrong, the e-mail address is correct — the subscriber is subscribed to the mailing list 

9 -> -> the entered password is wrong, the e-mail address is incorrect — the subscriber is NOT subscribed to the mailing list 

10 -> E-mail address & password OK, “double opt in” is not yet confirmed 

12 -> E-mail address & password WRONG, “double opt in” is not yet confirmed