Restricting Access to Cloud Pages in Salesforce Marketing Cloud
Cloud Pages are a powerful tool in Salesforce Marketing Cloud (SFMC) for delivering marketing content to customers across various channels. One common use case is redirecting subscribers to a Cloud Page from a call-to-action (CTA) button or link in an email. However, there are scenarios where you may need to restrict access to Cloud Pages, such as for internal campaigns or confidential information. In this blog post, we'll explore different methods to restrict access and ensure that the right users can view the content they need.
Personalized Content
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57 | %%[
/*Declare Variables*/
var @Display,@rowCount,@rows,@CredentialDisplay,@Email,@Password
/*Get the parameters(Credential) posted to the page and encrypt them*/
set @Email= EncryptSymmetric( RequestParameter("Email"),
"des;mode=ecb;padding=zeros", @null, "0x7FEBCBCBCB9BCB01", @null, @null, @null, @null)
set @Password = EncryptSymmetric( RequestParameter("Password"),
"des;mode=ecb;padding=zeros", @null, "0x7FEBCBCBCB9BCB01", @null, @null, @null, @null)
/*We will have 2 variables one is @CredentialDisplay and other is @Display
@Display Will be used to control display of confidential blocks
@CredentialDisplay will be used to control display of login div
/* Display login div by default */
set @CredentialDisplay=""
/*Dont Display confidential data by default*/
Set @Display ="None"
/*Lookup row count in the DE matching encrypted data*/
set @rows = LookupRows("Authenticator","Email", @Email,"Password",@password)
set @rowCount = rowcount(@rows)
/*If credentials matched Display confidential data and dont Display login div */
IF @rowCount == 1 THEN
set @Display =""
set @CredentialDisplay="None"
ENDIF
/*Make sure Confidential data is not displayed when no Lookup row count
in the DE matching encrypted data*/
IF @rowCount != 1 THEN
set @Display ="None"
ENDIF
]%%
<div style="display:%%=v(@CredentialDisplay)=%%;">
<h1>Please login to view this info</h1>
<form action="?" method="post">
<label for="subkey">Email: </label>
<input type="text" id="subkey" name="Email">
<br>
<br>
<label for="subkey">Password: </label>
<input type="text" id="subkey" name="Password">
<br>
<br>
<input type="submit" value="Login">
</form>
</div>
<div style="display:%%=v(@Display)=%%;">
<h1>personalized information goes here
</h1>
</div>
|
In the above code, we use AMP script to handle the login process. When a user navigates to the page, they are required to log in to view personalized content. The display of certain elements is controlled based on whether the user's credentials match the data in a specific data extension.
Before logging in:
After logging in:
Confidential Data:
If you're dealing with confidential information, a similar approach can be applied. However, instead of using AMP script, we'll use Server-Side JavaScript (SSJS) to ensure that data is written to the Cloud Page only when the user authenticates. Here's an example of the modified code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62 | %[
/*Declare Variables*/
var @Display,@rowCount,@rows,@CredentialDisplay,@Email,@Password
/*Get the parameters(Credential) posted to the page and encrypt them*/
set @Email= EncryptSymmetric( RequestParameter("Email"),
"des;mode=ecb;padding=zeros", @null, "0x7FEBCBCBCB9BCB01", @null, @null, @null, @null)
set @Password = EncryptSymmetric( RequestParameter("Password"),
"des;mode=ecb;padding=zeros", @null, "0x7FEBCBCBCB9BCB01", @null, @null, @null, @null)
/*We will have 2 variables one is @CredentialDisplay and other is @Display
@Display Will be used to control display of confidential blocks
@CredentialDisplay will be used to control display of login div
/* Display login div by default */
set @CredentialDisplay=""
/*Dont Display confidential data by default*/
Set @Display ="None"
/*Lookup row count in the DE matching encrypted data*/
set @rows = LookupRows("Authenticator","Email", @Email,"Password",@password)
set @rowCount = rowcount(@rows)
/*If credentials matched Display confidential data and dont Display login div */
IF @rowCount == 1 THEN
set @Display =""
set @CredentialDisplay="None"
ENDIF
/*Make sure Confidential data is not displayed when the
row count in the DE matching encrypted data
is zero*/
IF @rowCount != 1 THEN
set @Display ="None"
ENDIF
]%%
<script runat="server">
Platform.Load("Core","1.1.1");
try{
//Get Parameters from Ampscript
var CredentialDisplay= Variable.GetValue("@CredentialDisplay");
var Display= Variable.GetValue("@Display");
//If condition to display login section
if(CredentialDisplay != "None") {
Write("<div><form action=\"?\" method=\"post\"><label for=\"subkey\">Email: </label> <input type=\"text\" id=\"subkey\" name=\"Email\"><br><br><label for=\"subkey\">Password: </label><input type=\"text\" id=\"subkey\" name=\"Password\"> <br> <br> <input type=\"submit\" value=\"Login\"> </form> </div>");
}
//if condition to display confidential information
if(Display != "None") {
Write("<div><h1>confidential information goes here</h1></div>");
}
}
catch(e){
Write(Stringify(e));
}
//End catch
</script>
|
In the above code, we combine AMPscript and SSJS to handle authentication and display confidential information accordingly. The login section is displayed only when the user hasn't authenticated yet, and the confidential information is shown once authentication is successful.
Restricting access via IP address:
- Create a data extension to store the allowed IP addresses.
- Retrieve the IP address of the customer accessing the Cloud Page using var ip = Platform.Request.ClientIP();
- Compare the customer's IP address with the list of allowed IP addresses stored in the data extension.
- Based on the comparison, restrict access partially or entirely using conditional statements.
No comments:
Post a Comment