Memberium AutoLogin

David Bullock — 

This feature enables you to provide a link for your users to click that will automatically log them into your site without requiring them to enter their username and password.

SECURITY NOTICE:
AutoLogin carries additional risks with it. You will need to determine for your site if the risks outweigh the conveniences. Skip to the bottom to read more about autologin security risks.

AutoLogin URL Quickstart

After you enter your autologin auth key and save your settings, Memberium will create example links and display them at the bottom of the Basic Settings page.  You can copy these autologin URL’s into your email template, and edit the URL of the redirect page to reflect where you’d like your members to arrive to.

Memberium also provides an example autologin link to use with Order Forms and Web Forms.  Autologin links all use the same kinds of parameters, but depending on what you want to do, and where your user is linking from, you will use some parameters but not others.

Examples

You must pass the users Infusionsoft Id in the link to autolog them in. (Its also required that you include your own custom Auth Key when using this feature.)

http://yourdomain.com/?memb_autologin=yes&Id=6&Email=email@domain.com&auth_key=yourauthkey&redir=/test-page/

How to auto log in someone from an Infusionsoft email template:

Include this for the url in your template –

http://yourdomain.com/?memb_autologin=yes&Id=~Contact.Id~&Email=~Contact.Email~&auth_key=yourauthkey&redir=/silver-video-2/

How to auto log someone in from customer hub

http://yourdomain/?memb_autologin=yes&Id={{user.infusion_id}}&Email={{user.email}}&auth_key=yourauthkey&redir=/video-2/

Example Auto Log In with Redirect:

<a href="http://yourdomain.com/?memb_autologin=yes&Id=~Contact.Id~&Email=~Contact.Email~&auth_key=yourauthkey&redir=/silver-video-2/">Log In Automatically Here</a>

Example Auto Log In with Redirect and Authorization Key (*Set Auth key on your options page):

http://memberium.com/?memb_autologin=yes&Id=6&Email=email@domain.com&auth_key=yourauthkey&redir=/category/shortcodes/

 

AutoLogin Troubleshooting

To successfully enable an autologin, the user must have:

  • A username ( email address ),
  • A password
  • Any appropriate membership tags.
  • The member being logged in must have the subscriber role.
  • If you are using a full domain link as your redirect, try changing it to just a path

Memberium Autologin Link Parameters

memb_autologin=yes

Required for all autologin links. This code tells Memberium that this is an autologin link.

auth_key=yourauthkey

Required for all autologin links. This is the autologin auth key for your Memberium install. Memberium supports creating two kinds of auth keys for maximum security. Please be sure that you are using the autologin authkey and NOT the HTTP POST auth key.

Id=~Contact.Id~

Required for all autologin links EXCEPT Infusionsoft Order/Webform Links This is the Infusionsoft contact ID for the user. The ~Contact.Id~ will be replaced with the actual ID of the user who the email is sent to.
If you are using a 3rd party form system, it must supply this information in the URL, or the autologin will fail.

Email=~Contact.Email~

Required for all autologin links EXCEPT Infusionsoft Order/Webform Links This is the email address of the contact in Infusionsoft. This parameter is only needed when creating an autologin link for use in an email. This information is automatically provided by web forms and order forms. If you are not using the Email field, then please substitute the name of the field you are using for your username. The ~Contact.Email~ will be replaced with the actual email address of the user who the email is sent to.
If you are using a 3rd party form system, it must supply this information in the URL, or the autologin will fail.

forcelogin=1

Optional. Only recommended for use on Order and Web Forms When doing an autologin from an Infusionsoft order form or webform, the password generation may not be completed by the time the user is redirected to the autologin link. You can use the forcelogin parameter to instruct Memberium to generate a password during login if it is missing. (This is a new feature in 2.41)

tag_ids=X,Y,Z

Optional. Only recommended for use on Order and Web Forms When doing an autologin from an Infusionsoft order form or webform, the tags may not be all applied by the time the user is redirected to the autologin link. You can use the tag_ids parameter to instruct Memberium to apply one or more tags to the user prior to logging in to ensure that their access tags are applied. (This is a new feature in 2.41)

redir=/my-other-page/

Optional, can be used on all kinds of links. Normally, when a user autologins to your site, they are sent to the homepage defined by their membership level. If you wish the autologin link to take them to a different page, you can define that link here. The redirect link can be an absolute link, or a relative link. The redirect parameter MUST be the last parameter on the line.
Best Practices:  Full domain links may have issues depending on your browser and server combination.  It is recommended to only use relative links.

Autologin from Email

We provide a working example autologin email code that you can copy/paste into your email links on our Control Panel under Memberium->Basic Options on your website. We’ve prefilled the website link, the auth_key and the Infusionsoft email parameters. We’ve also included a sample redir= parameter. You can edit or remove the redir= parameter as needed for your link.

An example email autologin link would look something like this:
http://yourdomain.com/?memb_autologin=yes&auth_key=yourauthkey&Id=~Contact.Id~&Email=~Contact.Email~&redir=http://yourdomain.com/yourpage/

Autologin from Order Forms and Web Forms

As of Version 2.41, you can use Autologin with Infusionsoft order and webforms.

We provide a working example autologin webform code that you can copy/paste into your email links on our Control Panel under Memberium->Basic Options on your website.   In order to create a link for an order form or webform, you can use the Email autologin link as a starting place, and then edit it as needed for your particular use. To use the link, setup the order/web form to redirect to a custom thank you page, and check the box to pass information. This will add the necessary user information for Memberium to verify their identity and log them in.

An example form autologin link would look something like this:

http://yoursite.com/?memb_autologin=yes&auth_key=yourauthkey&forcelogin=1&tag_ids=123,456

3rd Party Form System Compatibility

LeadPages

As of the time of this writing, LeadPages does not pass the contact data to the next page, and cannot be used for Autologin.

OptinMonster

As of the time of this writing, OptinMonster only has an option to pass the submitted contact’s name (om_name) and email (om_email).  It does not pass the Infusionsoft contact Id, or other required parameters to the next page to make Autologin possible.  You can read more about OptinMonster’s ability to pass lead data in redirect URL’s here.

Other Form Systems

If you’re using an order entry, or lead capture form system that’s not listed above, please contact us and we’ll help you determine if it can support autologin.

 

Autologin Security Concerns

Because this feature bypasses the more secure password login, it makes your site less secure to use. Anyone with access to the link can login to your user’s account, which makes it easier to share. If this lowered level of security concerns you, you can easily disable this feature. Autologin links are less secure, because the two pieces of information (The Contact ID and the Email Address) are unchanging and can be shared with any number of users. So, if a user were to change their password, it would not prevent someone with their autologin link from continuing to login as them.

Despite the reduced security, autologin is a popular request and a popular feature. It’s up to each site owner to determine if the risk outweighs the convenience for their site.

Memberium requires that your autologin Auth Key is different from your HTTP POST Auth Key in order to protect you. This prevents any users who get your autologin links from using the codes in those links to make administrative changes to your site.

How to Disable Autologin

As of Version 2.39 and higher, you can enable or disable the Autologin functionality in the Basic Options dashboard.

If you do not wish autologin to be enabled for your site, you can disable autologin by leaving the Autologin Auth Key in the “Basic Options” menu blank, or turning off the feature in Basic Options.

Multiple Auth Keys

Memberium also supports defining multiple auth keys, by separating them with commas. This makes it simple and easy to change your keys in your action sets without breaking any links as you work on making all of the changes in your Infusionsoft email templates to migrate from an old key to a new key.

Note: Autologin from Infusionsoft Shopping Cart is not possible, because shopping carts don’t merge the fields like order form thank you page URLs do. A workaround for this is to send a purchase confirmation email with the Email Autologin link.

Memberium Membership Site Workshop
October 10th-12th, 2018 in Phoenix, Arizona

Get your Memberium site and Infusionsoft app fully implemented in 3 days. Save $100 OFF your ticket until the end of this Monday, September 24th!

Click Here to Learn More and Reserve Your Seat