Memberium AutoLogin

David Bullock
David Bullock
This Article Applies to

This feature enables you to provide a link for your users to click that will automatically log them into your site without requiring them to enter their username and password.

SECURITY NOTICE:
AutoLogin carries additional risks with it. You will need to determine for your site if the risks outweigh the conveniences. Skip to the bottom to read more about autologin security risks.

AutoLogin URL Quickstart

After you enter your autologin auth key and save your settings, Memberium will create example links and display them at the bottom of the Memberium > Settings > HTTP Posts/Links page.  You can copy these autologin URL’s into your email template, and edit the URL of the redirect page to reflect where you’d like your members to arrive to.

Memberium also provides an example autologin link to use with Order Forms and Web Forms.  Autologin links all use the same kinds of parameters, but depending on what you want to do, and where your user is linking from, you will use some parameters but not others.

Examples

You must pass the users Infusionsoft Id in the link to autolog them in. (It is required that you include your own custom Auth Key when using this feature.)

https://yourdomain.com/?memb_autologin=yes&Id=6&Email=email@domain.com&auth_key=yourauthkey&redir=/test-page/

How to auto log in someone from an Infusionsoft email template:

Include this for the url in your template –

https://yourdomain.com/?memb_autologin=yes&Id=~Contact.Id~&Email=~Contact.Email~&auth_key=yourauthkey&redir=/silver-video-2/

How to auto log someone in from customer hub

https://yourdomain/?memb_autologin=yes&Id={{user.infusion_id}}&Email={{user.email}}&auth_key=yourauthkey&redir=/video-2/

Example Auto Log In with Redirect:

<a href="https://yourdomain.com/?memb_autologin=yes&Id=~Contact.Id~&Email=~Contact.Email~&auth_key=yourauthkey&redir=/silver-video-2/">Log In Automatically Here</a>

Example Auto Log In with Redirect and Authorization Key (*Set Auth key on your options page):

http://keap.memberium.com/?memb_autologin=yes&Id=6&Email=email@domain.com&auth_key=yourauthkey&redir=/category/shortcodes/

 

AutoLogin Troubleshooting

To successfully enable an autologin, the user must have:

  • A username ( email address ),
  • A password
  • Any appropriate membership tags.
  • The member being logged in must have the subscriber role.
  • If you are using a full domain link as your redirect, try changing it to just a path

Disable caching

Having caching enabled on the site can cause issues with autologin. If you’re on Flywheel hosting, then you’d need to enable the “Developer mode” which would disable the caching on the site.
Another workaround if you don’t want to enable the “Developer mode” is to create a new blank page, let’s say /autologin/. Once created, use this page for the autologin.
Example: https://domain.com/autologin/?memb_autologin=yes&auth_key=pwFgNSpqMV&Id=~Contact.Id~&Email=~Contact.Email~
You’d then send the same link to FlyWheel and inform them to disable caching for this entire URL. Also, if you’re following this method then have the WP_Cache disabled from FlyWheel’s settings.

Avoid any host that’s running the Litespeed / Open Litespeed server software. As of now, OLS is incompatible with the Memberium Autologin feature. Also if your host has Varnish caching enabled then you’d need to disable it.

Memberium Autologin Link Parameters

memb_autologin=yes

Required for all autologin links. This code tells Memberium that this is an autologin link.

auth_key=yourauthkey

Required for all autologin links. This is the autologin auth key for your Memberium install. Memberium supports creating two kinds of auth keys for maximum security. Please be sure that you are using the autologin authkey and NOT the HTTP POST auth key.

Id=~Contact.Id~

Required for all autologin links EXCEPT Infusionsoft Order/Webform Links This is the Infusionsoft contact ID for the user. The ~Contact.Id~ will be replaced with the actual ID of the user who the email is sent to. Please note that the Id parameter is case sensitive.
If you are using a 3rd party form system, it must supply this information in the URL, or the autologin will fail.

Email=~Contact.Email~

Required for all autologin links EXCEPT Infusionsoft Order/Webform Links This is the email address of the contact in Infusionsoft. This parameter is only needed when creating an autologin link for use in an email. This information is automatically provided by web forms and order forms. If you are not using the Email field, then please substitute the name of the field you are using for your username. The ~Contact.Email~ will be replaced with the actual email address of the user who the email is sent to.
If you are using a 3rd party form system, it must supply this information in the URL, or the autologin will fail.

forcelogin=1

Optional. Only recommended for use on Order and Web Forms When doing an autologin from an Infusionsoft order form or webform, the password generation may not be completed by the time the user is redirected to the autologin link. You can use the forcelogin parameter to instruct Memberium to generate a password during login if it is missing. (This is a new feature in 2.41)

tag_ids=X,Y,Z

Optional. Only recommended for use on Order and Web Forms When doing an autologin from an Infusionsoft order form or webform, the tags may not be all applied by the time the user is redirected to the autologin link. You can use the tag_ids parameter to instruct Memberium to apply one or more tags to the user prior to logging in to ensure that their access tags are applied. (This is a new feature in 2.41)

redir=/my-other-page/

Optional, can be used on all kinds of links. Normally, when a user autologins to your site, they are sent to the homepage defined by their membership level. If you wish the autologin link to take them to a different page, you can define that link here. The redirect link can be an absolute link, or a relative link. The redirect parameter MUST be the last parameter on the line.
Best Practices:  Full domain links may have issues depending on your browser and server combination.  It is recommended to only use relative links. If your site is in a subdirectory (yourdomain.com/members) be sure to include “/members” in the relative link. Example: /members/my-other-page/

Autologin from Email

We provide a working example autologin email code that you can copy/paste into your email links from Memberium > Settings > HTTP Posts/Links page on your website. We’ve prefilled the website link, the auth_key and the Infusionsoft email parameters. We’ve also included a sample redir= parameter. You can edit or remove the redir= parameter as needed for your link.

An example email autologin link would look something like this:
https://yourdomain.com/?memb_autologin=yes&auth_key=yourauthkey&Id=~Contact.Id~&Email=~Contact.Email~&redir=/yourpage/

NOTE: We don’t suggest testing using Keap’s test email option in Campaign Builder as this option can’t work with autologin. This option uses Keap user ID and not contact ID. For the autologin to work, it will need a valid email ID and contact ID for the particular contact that you’re testing with.

Autologin from Order Forms and Web Forms

As of Version 2.41, you can use Autologin with Infusionsoft order and webforms.

We provide a working example autologin webform code that you can copy/paste into your email links from Memberium > Settings > HTTP Posts/Links page on your website.   In order to create a link for an order form or webform, you can use the Email autologin link as a starting place, and then edit it as needed for your particular use. To use the link, setup the order/web form to redirect to a custom thank you page, and check the box to pass information. This will add the necessary user information for Memberium to verify their identity and log them in.

An example form autologin link would look something like this:

https://yoursite.com/?memb_autologin=yes&auth_key=yourauthkey&forcelogin=1&tag_ids=123,456

3rd Party Form System Compatibility

LeadPages

As of the time of this writing, LeadPages does not pass the contact data to the next page, and cannot be used for Autologin.

OptinMonster

As of the time of this writing, OptinMonster only has an option to pass the submitted contact’s name (om_name) and email (om_email).  It does not pass the Infusionsoft contact Id, or other required parameters to the next page to make Autologin possible.  You can read more about OptinMonster’s ability to pass lead data in redirect URL’s here.

Other Form Systems

If you’re using an order entry, or lead capture form system that’s not listed above, please contact us and we’ll help you determine if it can support autologin.

Autologin Security Concerns

Because this feature bypasses the more secure password login, it makes your site less secure to use. Anyone with access to the link can login to your user’s account, which makes it easier to share. If this lowered level of security concerns you, you can easily disable this feature. Autologin links are less secure, because the two pieces of information (The Contact ID and the Email Address) are unchanging and can be shared with any number of users. So, if a user were to change their password, it would not prevent someone with their autologin link from continuing to login as them.

Despite the reduced security, autologin is a popular request and a popular feature. It’s up to each site owner to determine if the risk outweighs the convenience for their site.

Memberium requires that your autologin Auth Key is different from your HTTP POST Auth Key in order to protect you. This prevents any users who get your autologin links from using the codes in those links to make administrative changes to your site.

How to Disable Autologin

As of Version 2.39 and higher, you can enable or disable the Autologin functionality from Memberium > Settings page.

If you do not wish autologin to be enabled for your site, you can disable autologin by leaving the Autologin Auth Key blank, or turning off the “Allow Autologin” feature from Memberium > Settings page.

Multiple Auth Keys

Memberium also supports defining multiple auth keys, by separating them with commas. This makes it simple and easy to change your keys in your action sets without breaking any links as you work on making all of the changes in your Infusionsoft email templates to migrate from an old key to a new key.

Note: Autologin from Infusionsoft Shopping Cart is not possible, because shopping carts don’t merge the fields like order form thank you page URLs do. A workaround for this is to send a purchase confirmation email with the Email Autologin link.

Need Help With This? Get Help Instantly
  • Was this Helpful?
  • YesNo
9 ways to add more value to your membership site

Table of Contents

This Article Applies to

Keep Reading

Allow Access to WP Dashboard

This setting allows two options, “Yes” or “No”. The default setting is “No”. When set to “No”, non-admin users are not allowed to access the WordPress dashboard, and the Admin toolbar will also be removed. When set to “Yes”, the Admin toolbar will be displayed and Memberium will not prevent users from accessing the dashboard.

Read More »

Want to get some fresh ideas on how you can improve your membership site or course?

Download our free ebook!

DOWNLOAD IT NOW

Book a Call

Welcome to Memberium!

We are very excited for you to be part of our family. 

We would love to answer any questions that you have!

Please choose the best time for you to get in a call with us. 

For Technical Support, you can contact us at https://keap.memberium.com/support/ or Email us at support@memberium.com.

sales@memberium.com

https://keap.memberium.com/