STARTUP EPISODE4: (A New Hope 😊) Integration-User management
So, first things first … users management. It should be easy, fast and secure.
One of the main issues that you could face is related to a multi-site environment. Fortunately, the multi-site creation is solved by WordPress. Is really a piece of cake. Why do I mention this? Well, you may want to separate your company website from your eBusiness environment. In fact you should do it for many reasons, design and technical reasons.
From the design point of view, a theme that suits your needs for a nice company website will certainly not suit eBusiness purposes. Remembering EPISODE 2 of this series, a really good theme for a presentation website is Materialis. The same theme will not be very good for an eBusiness environment where you may need less big pictures to cover the screen but a lot more working space on the screen. However, you want both … 😊 so, the best solution is to use the multi-site environment of WordPress.
Since WordPress offers a simple way to create and manage multi-site environment, the problem is half solved and can be done even by rookies with less than 3 mouse clicks … 😊
From the technical point of view, it is quite possible that your plugins to be in conflict (although if you follow the steps from EPISODE 2 you will not find your self into this situation). Also it is very clear that your website will become very heavy and the load time for your pages to be a real problem. This is a major reason for your future clients not entering your site.
But what about users management and registration? Obviously you don’t want that your users (or potential future clients) to register or to login twice (or even more if you have many sites)… I mean this will be their first reason for not visiting you on the web.
You may also noticed that many companies (including big ones like Google or Microsoft) operates tons of websites. Once you registered or logged in on one of them, you are registered or logged in on all of them, you like this and you want the same for your eBusiness environment. Could you have it for free? Sure you can … 😊
In the technical terminology this is called Single-Sign-On (SSO). You can have it on your multi-site WordPress environment in 30 minutes (including the download, installation and configuration). You only need two plugins:
- On your main site: WP OAuth Server (https://wordpress.org/plugins/oauth2-provider/)
- On your other sites: OAuth2.0 Single Sign On Client (https://wordpress.org/plugins/single-sign-on-client/)
There is also a really good video helping you to configure SSO on your environment (you can find it here https://wordpress.org/plugins/single-sign-on-client/#description). That’s it! Walk in a park!
Ok, now that you started to feel the taste of being inline with the trends, you may want to make things even more easier for your clients and you may want to simplify as much as possible the annoying process of registration … you know! it’s about that moment when the user must fill in name, email address, password (and maybe some other info you need in order to pursue your business goals). Can you do it? And, if possible, for free … 😊
As you already are used to it, of course, you can! This can be done with the famous and infamous “login with social media accounts”. I am not a huge fan of this and you will see why … however, I believe that this functionality is really useful.
Technically speaking, easy think, easy do … Business and compliance wise, there are some aspects which require a bit more attention.
Let’s start this topic with the easy things … so, how it works? Well, as you can imagine, there are some plugins doing the job. What it is important to say is that between the plugin (which is the interface with the user) and the actual social media account data (which will be used for registration and further login on your website) there is one middle layer which is a special small app offered by the social media company in order to collect the input from your user, communicate with the social media servers and deliver to your website the needed information in a well secured and safe way. That’s good and you don’t have to bother with this from the technical point of view.
Now, there are two types of WordPress plugins doing this job. The first type is coming with already made social media small apps, you don’t even know that these apps exists (the small apps between the user and the social media servers). The apps were made and configured by the plugin developer and are registered with the social media company under his name. These plugins are the most easy to use. Just download it from the WordPress plugins portal, install it and then, with several clicks, you have the functionality available on your website.
The second type of plugins allows you to use your own small apps. This means that you have to create first the apps and then configure the plugin to connect and use your apps. Don’t be scared! It is really easy to create such apps, you do not need any programming skills in order to do it. Each social media company offers this functionality, it is 100% free and you can do it with several mouse clicks. It shouldn’t take more than 15 minutes for each app to have it up and running. Considering that you may want to use Facebook, Google, LinkedIn, Twitter and maybe Instagram, you see that you shouldn’t spend more than 2 hours on this.
So, technically, no difference, the same happens for both types of plugins but you will work a bit longer for the second type. Why should you do it? Well, for legal compliance reasons. Yeah, it is about the famous and, again, infamous GDPR. Basically, when you include the “login with social media” feature to your eBusiness environment, you are collecting and processing personal information. Using the first type of plugins, the personal information you are collecting from the social media is passing a layer (that small app) which does not belong to you and which you do not control, you cannot modify it, cannot change permissions, cannot stop it if something goes wrong, cannot get full access logs. You can only deactivate the plugin and lose the functionality of your website. You have no idea what security policies the plugin developer applies nor if the developer is GDPR compliant (although many of them claims that they are). So there is a legal compliance risk here because you are depending 100% on a third party which is between you/your user and the social media company.
To be honest, I would prefer the third option 😊 … to write my own “login with social media” plugin but this is really technical stuff. Not very complicated since each social media company offers for free the most important part of the code … but still, not something that a non-dev person can do.
However, regardless of the plugin type you choose, do not forget to ask the consent of your user before allowing him to click on the “login with ….” button. Most of the serious plugins offers this consent functionality but, as you can guess, is not for free. This is another reason for which I prefer to implement the third version 😊
Concluding on this topic, “login with social media” feature is really nice, useful and easy to implement but you need to be very careful with the legal compliance aspects.
So, this is the first and one of the most important integration you need for your eBusiness environment … SSO with (or without) “login with social media” feature. Now your web business starts to look more and more professional. It is now the moment to think of some other potential connections and integrations … but these will be subjects for the next episodes of the series.