Login Dapps

Many sites require users to login with a username and password in order to access specific content (e.g., your list of connections in LinkedIn).  Dapper can accommodate many such sites.  When creating a Dapp, the Dapp creator simply logs into the website through the Dapp Factory.  Dapper recognizes that the site requires login and marks the Dapp accordingly.  Dapper does not store the credentials given when creating the Dapp, and as such, whenever you run a "login Dapp," you must supply the username and password (if the credentials are not supplied, Dapper will throw an error).

Credentials are passed to the Dapper RunDapp REST web service as GET or POST arguments.  Both must be supplied.  They can be passed in the clear, or they can be encrypted using the Dapper credential encryption web service.  When credentials are passed encrypted, you must indicate that they should be decrypted before being sent to the remote website by supplying the "encryptionAlg" argument (currently, the only value for this argument is "1").

You can programmatically determine if a Dapp is a "login Dapp" in two ways:

1) Run the Dapp without credentials and look for the following error message:

This Dapp requires a username and password for the remote website.  This can be supplied via GET or POST arguments over HTTP or HTTPS

2) Query the "Dapp details web service".  If the "loginModule" parameter has a non-empty value or is an array with non-zero length, the Dapp requires login credentials to be run.

Currently login Dapps are limited to "username" and "password" and do not support authentication schemes that require additional parameters (such as "account number" in addition to "username" and "password").