Velruse implements an API similar to RPXNow to standardize the way a web application handles user authentication. The standard flow of using Velruse looks like this:
Auth Providers implement all the messy details of authentication. Since they listen to HTTP requests underneath their prefix, they can interact with other systems that require redirects to authenticate. When the Auth Provider is done it redirects back to the endpoint that it was provided with.
The Auth Provider is expected to respond to a POST to /login, and then proceed with the necessary calls and/or redirects necessary to complete the authentication. Each provider is responsible for converting profile data into a format compatible with Portable Contacts.
Every authentication provider that is available comes with a basic HTML example illustrating the parameters it requires. The template generally includes a logo when it’s a third party identity provider to help a website user find the preferred authentication option.
While most websites will redirect to Velruse to handle the authentication for a user to login or register, the authentication can be done anytime for ‘linking’ an account to another provider as well.