Skip to main content

Embedding password protected external sites with URL type

Please note

We use iframes to display external websites in our content. If a website denies the usage of iFrames/embedding, we will be unable to display it.

If the website is yours, you can change this setup. If it is not yours, we suggest speaking with the website owner to allow embedding.

In the Text Menu you can choose your Content type.

  • URL type can set the URL that you want to display.
    • You can also make it Interactive and display it Same origin website.

cu1.png

Caveats and limitations

With the custom widget you can also display pages, that need to be authenticated.

Please note

There are multiple ways to authenticate a website, but you have to keep in mind, that these external pages are opened in an iFrame, so we can not manipulate their contents anymore.

Access using the URL token

This is a common method of accessing restricted sites while avoiding a login prompt. If the site's owner allows for this method, your browser, and our system, can log into the site automatically using the token without the additional step of logging into it.

Typical URL

A typical URL looks like this

http://www.example.com/foo/bar.html

Tokens

Tokens can take the format [expiration]_[signature] and look like this

1441307151_4492f25946a2e8e1414a8bb53dab8a6ba1cf4615

A token is expected in the ?token= GET parameter and the full URL looks like this

http://www.example.com/foo/bar.html?token=1441307151_4492f25946a2e8e1414a8bb53dab8a6ba1cf4615
Please note

We only get the URL in our Widget. We don't have control over if the site's owner allows for this method, or how they implement it.

If you are not sure about how to generate or use a given site's token, please contact the site's support team.

Access using credential in the URL

Please note

It is not a safe method of authentication, and our system does not allow for it.
The description for it is here because it used to be a common method of accessing many clients while avoiding the login prompt.

This method is using a URL containing the username and the password like this

https://username:password@www.example.com/
  • In Chrome 59, the username password@ part in URLs is even stripped out for security reasons and it won't work.

  • In Firefox, it is checked if the site actually requires authentication and if not, Firefox will warn the user with a prompt "You are about to log in to the site "www.example.com" with the username "username", but the website does not require authentication. This may be an attempt to trick you.

Using device's Advanced configuration for Basic authentication

Our players can access pages that require basic authentication method, by utilizing advanced configuration.

You can send the following details as Advanced configuration

Please note

Only our Windows and Android players have this functionality currently

{
"configuration": [
{
"type": "WEBVIEW_BASIC_AUTHENTICATION",
"credentialList": [
{
"domainUrl": "PROTOCOL://DOMAIN:PORT/PATH",
"userName": "AUTH_USER_NAME",
"password": "AUTH_PASSWORD"
}
]
}
]
}
Please note

The Custom widget's URL field should start with the domainUrl to match with the credential configuration

For example the Custom widget's URL field is

https://domain.com/subsite/page

domainUrl field can be

"domainUrl": "https://domain.com/"

Alternative URL

There are sites that provide alternative URLs that don't need further authentication.
For example, they provide a URL that only some internal device can open.
It is entirely up to the site's owner and organization if and how they provide this kind of method of access.

Alternative method

This method doesn't use authentication of any kind at all.
There are many sites, especially ones that provide data sources (e.g. currency data) that have the option to export this data.
If the goal is to present data then you can consider exporting said data from the site, and then displaying it in Wallboard natively.
This can be a convenient solution, especially in cases where the data doesn't change too often.