Authentications

Captive Portal Authentication

ShiningBot utilises Captive Portal Authentication to secure network access. Upon connecting to the network, the user's device is automatically provisioned with an IP address by ShiningBot and immediately redirected to a secure authentication page. Users gain internet access by inputting their assigned credentials (username and password).

User Classification and Management

ShiningBot classifies all users into four major groups, each tailored to different access levels, security needs, and validity requirements:

Internal Users

  • Definition: Your organisation’s employees.
  • Management: Administrators can create accounts with a validity period of up to three years.
  • Credentials: Passwords are automatically generated and delivered to the user via SMS.
  • Flexibility: Provision is available to reset forgotten passwords.

Walk-In Users

  • Definition: Guests visiting your business premises.
  • Creation: Accounts and passwords are created by your designated operator and delivered to the user via SMS.
  • Alternative Access: For guests without mobile access, coupons can be issued.
  • Security Note: ShiningBot advises minimising the use of coupons, as tracking their usage for potential misuse of service can become complex and tedious later on.

Self Registered Users

  • Definition: Users who register themselves to gain immediate internet access.
  • Validation: Registration can be validated using one of two methods:
    • 6-Digit PIN: Provides standard, preset connection speed and connection validity time.
    • Coupon Code: Allows for the customization of connection speed and connection validity period independently for each user.
  • Delivery: The password is automatically delivered to the user via SMS.

External Users

  • Definition: Users whose authentication data is sourced from external software systems.
  • Examples: Data is obtained from sources like Property Management Software (PMS) in hotels, Customer Databases in clubs/recreation centres, or Patient Information Systems (PIS) in hospitals.
  • Integration: ShiningBot provides an API (via REST API) to dynamically create, manage, and synchronise these external users in real-time.

Advanced Access Controls

In addition to robust authentication, ShiningBot provides sophisticated control over user bandwidth and security parameters:

  • Granular Speed Control: Administrators can independently control both the upload speed and the download speed for each individual user.
  • Concurrent Access Control: For added security and resource management, you can limit the number of concurrent internet access permitted per user account.
  • Password Policy: A dedicated Password Policy feature allows you to control the rules and complexity used when ShiningBot automatically generates random passwords.