You can enable users to create an account or log into Community Hub using their social account login credentials from an external authentication provider such as Facebook© or Google©. Nimble AMS supports many standard authentication providers, and can can be set up to authenticate with a custom provider of your choosing.When set up is complete, the basic authentication provider flow in Community Hub is as follows.
- Users try to create an account or log into Community Hub using a social account.
- The login request is redirected to the authentication provider.
- Users follow the authentication provider's login process and approve access.
- The authentication provider redirects users to Community Hub with credentials.
- Community Hub checks for duplicates and:
- If no duplicates are found, users are signed into Community Hub.
- If duplicates are found, the behavior differs based on how Community Hub is configured.
Social Sign-On Enhanced Security
By default, if users try to log in using social sign-on and the email used by their social account matches one used by an existing account, users are logged into the matching account which is then linked to their social account automatically. This is simpler login process for users, but may not meet your security standards. By enabling Social Sign On Enhanced Security, Community Hub does not allow users to log in using social sign-on if there is an existing account using a matching email. Instead, users must log into Community Hub using their Community Hub account and then connect their social account log in. This is provides more security by requiring that users first prove who they are before connecting a social account to their Community Hub account.
Disconnecting a Connected Social Account
Both staff and optionally, constituents, can disconnect social accounts at any time. This gives constituents complete control over what social accounts they can use to log into Community Hub, and which they they no longer want to use.
Things to Keep in Mind
- Community Hub Social Sign-On uses Salesforcefunctionality which does not offer the option to disable the ability to create an account and only offer that ability to link an existing social account.
- If constituents disconnect from Community Hub within a social account, that disconnection won't show on the My Login Information page. The social account will still shown as being connected because it does not signal back to Community Hub that a change was made.