Preview of Our EZ Link Login Flow for the Socialcast Mobile App
In our February 2016 new features update, we introduced EZ Link, which lets a user log into the Socialcast mobile app without having to manually enter a password.
Last time, we previewed the desktop web version. To recap, a logged-in Socialcast user simply clicks on a handy EZ Link icon to receive an email providing immediate access to the Socialcast mobile app.
In this post, I am going to describe the mobile version of EZ Link, which allows you to instantly log in to the Socialcast mobile app via email without having to interact with the desktop website.
What Is an EZ Link
From the user’s perspective, an EZ Link is not really a link. It’s an email sent to an iOS or Android device.
Inside that email is a clickable button. The button’s destination contains a one-time authentication token that, when clicked, gets processed on our server, redirects to the Socialcast mobile app and loads the now logged-in user’s home stream.
EZ Link does have some rules you need to know
- Its destination is an HTTPS endpoint on the community domain itself (e.g., “https://test.socialcast.com”). So as long as the mobile device can see the community at that domain, the login should be successful.
- It can only be used once.
- It expires after one hour.
- It works only on iOS or Android devices but fails gracefully if you make a mistake (such as clicking the EZ Link from your desktop). You can go to your device and try the link again without having to ask for a new one.
- If you click an already used or expired link, you can easily request a new one.
How to Enable and Request EZ Link from the Mobile App
For your community to use EZ Link, for both mobile (if non-SSO, non-OP) and desktop (for any client), your community’s admin first needs to enable it.
Here’s what the mobile login screens will look like with EZ Link enabled. First, enter your community URL.
Then, provide your email address or company identifier. Press the “Get EZ Link” button. (On an Apple device you will then have the option to open your email. If you’d rather just enter your password, you can do that, instead.)
NOTE: Remember that if a community opts out, is using Single Sign-On (SSO) or is on-premises (OP), users will see the normal login screens. Currently, we offer the EZ Link from mobile feature for non-SSO customers hosted on our servers. In a future release we hope to offer EZ Link from mobile for our SSO and on-premises customers. Note, however, that all of our customers can enable the desktop EZ Link described in our February 2016 new features update.
The EZ Link Backstory
Why did we decide to revamp the mobile login flow in the first place? The short answer is because the old flow was confusing and had a high drop-off rate.
The biggest problem was that users had to go into settings, set the community URL and then return to the login page to enter a username and password. We tackled this issue first, as described in the December 2015 new features update, by asking for the community URL upfront in the login flow.
It was an improvement, and an updated look to boot. But there was still the problem every one of us faces: too many websites and too many passwords.
We could have gone the traditional route with “Forgot your password?” followed by an email with a reset link and finally back to the mobile app to enter the new password. But what if we could have that email take you directly into the app?
We decided to start with the improved flow and give users the option to request an EZ Link instead of entering a password.
Developing a Smoother End-User Experience
We iteratively added enhancements to the login flow that helped make it a better user experience, including:
- Focusing on input fields and auto-opening the keyboard when screens expecting input load (meaning the user can start typing immediately).
- Disabling submit buttons until all required fields are populated.
- Placeholder text on input fields to prompt the user for what kind of information the field expects.
- Context-specific error messages with contrasting text and field highlighting.
While the Socialcast mobile app is almost entirely a native app for both iOS and Android, we have long used a hybrid web app for its login flow. By centralizing this code on the server, we gain the advantages of building and testing in one place while deploying changes everywhere as needed without being tied to the mobile development process. Given that we deploy server-side code to production multiple times per day, we can respond much quicker with any necessary changes, an important consideration for a sensitive area such as authentication.
In my next blog post, I’ll tell you more about how we developed the mobile login flow for a better user experience. For now, ask me anything in the comments below!