You can offer your users one-click access to the Advantage Finance application management website.
The client software must access the specified address providing the encrypted login parameters either as part of the url (GET) or as an http POST.
Required parameters
| Name | Value | Description |
|---|---|---|
| username | The user's username for the website. | |
| password | The user's password. | |
| pin | The user's PIN. | |
| encmethod | 1 | The encryption method used. |
The url for submitting the requests to is https://www.advantage-finance.co.uk/autologin.asp.
Both the username and password must be encrypted using a variant of ROT13 (we are aware of the limitations of this, but consider it sufficient for this usage).
Private Function Rot13(ByVal sInput As String) As String
'[encmethod:1]
'a = 95
'z = 122
'A = 65
'Z = 90
'0 = 48
'9 = 57
Dim sO As String 'strOutput
Dim nA As Integer 'newASCII
Dim curChar As String
Dim iChar As Integer
For iChar = 1 To Len(sInput)
curChar = Mid(sInput, iChar, 1)
Select Case Asc(curChar)
Case 95 To 122
nA = Asc(curChar) + 13
If nA > 122 Then
nA = nA - 26
End If
sO = sO & Chr(nA)
Case 65 To 90
nA = Asc(curChar) + 13
If nA > 90 Then
nA = nA - 26
End If
sO = sO & Chr(nA)
Case 48 To 57
nA = Asc(curChar) + 5
If nA > 57 Then
nA = nA - 10
End If
sO = sO & Chr(nA)
Case Else
sO = sO & curChar
End Select
Next iChar
Rot13 = sO
End Function
User has a username of fredsmotors, a password of kangaroo and a PIN of 123456.
Client software would navigate to https://www.advantage-finance.co.uk/autologin.asp?username=serqfzbgbef&password&xnatnebb&pin=678901&encmethod=1
The security on the application management website requires that passwords expire and must be changed at least every thirty days. Use of the auto login feature does not bypass this requirement. It is therefore recommended that you provide your users with an interface for changing the current login credentials.