Integrating with a customer portal

There are two major types of integrations with external customer portals:

1. Direct: End-client uses MetalSoft’s user portal to deploy infrastructure

2. Indirect: End-client uses customer portal to deploy infrastructure

Direct integration with an upstream customer portal

In this setup the MetalSoft end user portal (the drag and drop interface) is exposed to the user.

This setup is relatively easy to deploy and provides a good user experience to end-users for bare metal as a service offerings. It is however not suitable if other high level services such as VM-as-a-Service is offered.

There are multiple supported mechanisms for authenticating users in MetalSoft portal. More than one can be active at any give time:

1. Using SAML (recommended)

2. Using LDAP

3. Using built-in authentication

The choice will depend on the capabilities of the portal. For more information visit Authentication Overview.

SAML-compatible ID service (Recommended)

If the existing user portal uses a SAML-compatible ID service such as Azure AD, OKTA, Auth0 for login then this setup is very simple as MetalSoft can be configured to use the same SAML provider from the Global Configuration>Authentication tab.

For an example configuration consult: Configuring SAML for OKTA

LDAP-compatible ID service

If the existing user portal uses a LDAP-based login (FreeIPA, Active Directory) then MetalSoft should be configured to use LDAP protocol from the Global Configuration>Authentication tab.

For an example configuration consult: Configuring LDAP for Microsoft Active Directory

Built-in authentication

MetalSoft’s built-in user management system is relatively robust. A portal could either:

1. Create the users and set passwords using the API

2. Let users sign-up on MetalSoft’s sign-up page.

Managing users via the API

The portal could create users and delete users in MetalSoft via the API:

• user_create_with_access_level

• user_get

• user_delete

Note that the users have to have the billable flag set to allow them to deploy infrastructures. user_billable_set can be used to configure this flag.

Enabling user sign-up

A partner portal could redirect users to the MetalSoft Signup page. To enable the Built-in sign-up process: Global Configuration > Authentication > Signup page enabled. Once enabled the signup button and the signup process will be enabled and available at https:/<env_hostname>/en/signup.

Note that users can also enable or disable authenticator on their account on their own.

Indirect integration with an upstream customer portal

In many situations the upstream portal will use API calls to managed infrastructures:

Embedding the MetalSoft Remote Console into a customer portal

The HTML console is a very useful tool for end-users to be able to interact with the server via the out-of-band network in an emergency or even as primary means of managing a server.

This console can be integrated into a 3rd party customer portal for a seamless experience.

Consult Embedding the Remote Console for more details.