Accessing Bubble pages externally with authentication

I’ll admit I didn’t spend much time researching this on my own as figure easier to just post to get some guidance on where to start.

Here’s basically my setup. We have a Bubble application which is our internal CRM system. We then have a 3rd party customer portal that’s built on Laravel, where customers can log in, view all their invoices from our billing system, as well as view other pieces of information that the portal pulls via API from other systems. These are all unrelated to Bubble.

Users log into the customer portal via a username and password in the billing system. What I’m trying to accomplish, is basically having a link in the customer portal, that when clicked, opens a new tab or popup, which then displays a page from our Bubble application to the user, but authenticates them somehow.

So for example, say I have a data type called “Services” in Bubble, and I want a page called “customer_service_details” which is customer facing, to be accessible to a customer. I’d basically want the customer to click a link in our customer portal, that opens Bubble to the customer_service_details page, showing details relating to the specific customer. My main requirement though is I don’t want the customer to have to log in twice. If they are logged into the customer portal, I want them to be able to click the link like “View my service” and have it open a Bubble page showing it, but not require they need a username/password, but still having it secure so that any random person with the link also can’t just access it.

Would love any feedback on how to accomplish this or what I might want to look into to make it work. Thanks!

Hi @lmoreau,

can you somehow alter the Laraval application too?

Or do you need a solution where you make changes exclusively to your bubble app?

Best,
Julius

Hi yes I definitely can alter the Laravel one. The main thing is that users log in to the Laravel customer portal, but I wanted to be able to use Bubble to do a few different pages instead as I can program Bubble but not Laravel. I just didn’t want users to have to log in twice, so figured a better user experience is logging into Laravel portal, clicking a link and Bubble just opens basically showing them the info.

While I never like the idea of authenticating without using SSO, I can say if you still wanted to keep it somewhat secure, you could generate a random string as part of your workflow. Then send the random string within the URL to the email address you are sending it to. When the user clicks the link, it will take them to a page that is looking for the string within the URL.

If the string is empty, you should have it route them back to the main Index page.

Great if what @josh10 has suggested works for you.
As I understood it, the workflow of the button “View my Service” would be on the Laravel end of your service. So does this suffice for your purposes?

Best,
Julius

No that doesn’t work, the point is the systems should be integrated, not having the user log into one system and then click a link to view something from Bubble and have to go through that. It should be a seamless experience, as in they log into our customer portal which has a username/password which is in our billing system, as the customer portal is for our billing system, but then have links inside the portal the opens Bubble pages relating to that customer, but without them having to log in again. If they need to log in twice or have codes emailed to them then I’d just pay our developer to add everything directly to our customer portal and not use Bubble at all in this case.

I understand. That’s why I was asking.
If you can however tell your clients that there is a big advantage to click this button and login another time / with another login, then they might understand that it is to ensure security while optimising costs for them. (even though sub-optimal)

You could also keep them logged in for example too reduce the effort on their part.

Just bouncing of some ideas to make it work for you. If you cannot code it up yourself and don’t like the second login or email code thing you must go with what you have I assume. In that case I recommend to get back to your developer. Especially if you already have lots of users that you cannot hit with such a change.

Let me definitely know what you decided to do.

Best of luck,
Julius