From EQdkp Plus


Core 2.0.x

With SSL

The new API supports SSL Sites as Redirect-URLs only. That means you need your own SSL certificate for your webspace, and a hosting package that allows an SSL certificate to be installed. After you have activated SSL for your EQdkp Plus Installation,

Without SSL

To use the Login without SSL, you can use our EQdkp Plus Relay Service. Please note that this service has Alpha Status and can be discontinued without further notice.

Is using the Relay Service still secure?

Yes, it is.

Does EQdkp Plus have access to passwords?

No, we don't.

But how does this work?

Well, it's easy.

  • On clicking the Login Button, you are redirected to where you have to enter your credentials and give your App access. This whole process is done directly, without any connection to the EQdkp Plus Server.
  • After you have given your App access, you are redirected to the EQdkp Plus Relay Server, together with an authorization code.
  • Our EQdkp Plus Relay Service encrypts this Authorization Code with the EQdkp Plus App-Secret, and redirects the User back to your EQdkp Plus Installation.
  • In your EQdkp Plus Installation, the Authorization Code is decrypted with the EQdkp Plus App-Secret, and used for getting an Access Token directly from the API, using the Mashery App-ID and -Secret.

That means for the security:

  • The EQdkp Plus Relay Service never sees any passwords from
  • The EQdkp Plus Relay Service cannot use the Authorization Code from, because it does not know the Mashery App Secret or Mashery App ID
  • The Authorization Code is encrypted with AES using the EQdkp Plus App Secret, which is itself stored encrypted in our database.
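
A sketch of the encrypt-and-relay step described above, as an added example that is not EQdkp Plus's own code. The token layout, AES-256-CBC with an HMAC-SHA256 tag, HKDF key derivation and the 300-second lifetime are assumptions, and the function names are hypothetical.

```php
<?php
// Added illustration, not EQdkp Plus code. Token layout, AES-256-CBC with
// HMAC-SHA256, HKDF key derivation and the 300 s lifetime are all assumptions.
const RELAY_MAX_AGE = 300;

// Derive separate encryption and MAC keys from the shared App-Secret.
function relay_keys(string $appSecret): array {
    return [hash_hkdf('sha256', $appSecret, 32, 'relay-enc'),
            hash_hkdf('sha256', $appSecret, 32, 'relay-mac')];
}

// Relay side: wrap the authorization code before redirecting the user back.
function relay_seal(string $authCode, string $appSecret, int $now): string {
    [$encKey, $macKey] = relay_keys($appSecret);
    $iv = random_bytes(16);
    $ct = openssl_encrypt($authCode, 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, $iv);
    $body = pack('J', $now) . $iv . $ct;   // 8-byte timestamp, IV, ciphertext
    return base64_encode($body . hash_hmac('sha256', $body, $macKey, true));
}

// Installation side: verify the MAC first, then the age, then decrypt.
function relay_open(string $token, string $appSecret, int $now): string {
    [$encKey, $macKey] = relay_keys($appSecret);
    $raw = base64_decode($token, true);
    if ($raw === false || strlen($raw) < 8 + 16 + 16 + 32) {
        throw new RuntimeException('malformed token');
    }
    $body = substr($raw, 0, -32);
    $mac  = substr($raw, -32);
    if (!hash_equals(hash_hmac('sha256', $body, $macKey, true), $mac)) {
        throw new RuntimeException('HMAC verification failed');
    }
    $ts = unpack('J', $body)[1];
    if ($ts > $now || $now - $ts > RELAY_MAX_AGE) {
        throw new RuntimeException('token expired');
    }
    $code = openssl_decrypt(substr($body, 24), 'aes-256-cbc', $encKey,
                            OPENSSL_RAW_DATA, substr($body, 8, 16));
    if ($code === false) {
        throw new RuntimeException('decryption failed');
    }
    return $code;
}

// Constructed sample values, not real credentials.
$secret = 'constructed-app-secret';
$token  = relay_seal('constructed-auth-code', $secret, 1000);
var_dump(relay_open($token, $secret, 1100) === 'constructed-auth-code');
try { relay_open($token, 'wrong-secret', 1100); } catch (RuntimeException $e) { echo $e->getMessage(), "\n"; }
```

Checking the MAC before decrypting means a modified or foreign token is rejected without the ciphertext ever being processed, and the timestamp inside the authenticated body bounds how long a captured redirect URL stays usable.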

What Statistics are saved?

At the moment, we only count the usage of a specific App. We do not save any additional data.

I'm getting an error, what does this mean?

If you are redirected but nothing happens, and the URL ends with something like #relayerror=1, something went wrong. Take the number at the end and look it up in the following list:

  • 1: Internal Server Error
  • 2: The User waited too long to submit the Login Button
  • 3: Verify HMAC Error. Somebody might have tried to misuse the Login
  • 4: EQdkp Plus AppID not available