Publisher Site Login

Last modified April 21, 2022

For Web

Publisher Site Login access is ideal for those publishers who already have a login feature on their website and wish for users to access the digital edition through their login page. Publisher Site Login authentication restricts access to a digital edition to users who access via a link from an authenticated page, typically accessible through a login form on your website. That page is considered the Referrer URL.

Multiple referrer URLs may be authenticated for a collection.

If a user tries to view the digital edition without having come first from the referring URL, they will be redirected to a specified alternative URL (usually a login or subscribe page).

*Note 1: A referrer URL is considered valid if it matches the root of the specified referring URL.

Example: 
The authenticated referrer URL is: https://www.abc.com/profile

then https://www.abc.com/profile/archives and
https://www.abc.com/profile/document would also be considered valid referrers 
because the root of the URLs matches the authenticated referrer URL values.

However, if the authenticated referrer URL is http://www.abc.com/profile/archives

then https://www.abc.com/profile would not be a valid referrer, as it is missing 
the last part of the referrer (/archives).

**Note 2: In order for the referring url to be preserved, the calling page can’t use any programmatic redirects, such as a javascript window.open, to open the digital edition’s URL.

***Note 3: Referring URLs need to be HTTPS.

Setting the Policy

Browsers now enforce a stricter referrer default policy (strict-origin-when-cross-origin). In order for PSL pages to work, you will need to set the referrer-policy to the previous default value (no-referrer-when-downgrade) when redirecting to your digital edition. There are a few options when doing this.

Option 1 – Set policy as http header:
Referrer-Policy: no-referrer-when-downgrade

This option is useful for dynamically generating pages and would likely require a developer to implement.

Option 2 – Set policy has page metadata tag:
<meta name=”referrer” content=”no-referrer-when-downgrade”>

This option is the easiest to implement, as it only requires adding this meta-tag to the page with the link to your digital edition.

Option 3 – Set policy as attribute on a-tag:
<a href=”http://url-to-webreader.com” referrerpolicy=”no-referrer-when-downgrade”>

This would require adding an attribute to every link to your digital edition.

Please note, if you have an app with GTxcel that also utilizes Publisher Site Login, this change will need to be made on BOTH the referrer URL(s) and app success page.

For details, see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy

PSL for Apps

Publishers Site Login works very similarly in the app, you will need a mobile version of your login page and a success page. The success page will be used as the valid referrer url.

Using this access model in the app provides users with access to all documents available in the app; there is no ability to restrict access to specific documents that have been converted for the app.

Recommended for:

  • Association publishers
  • Publishers using their own user authentication access to the web digital edition

Setup and Requirements:

  • Login URL – Must be secure (https) & mobile optimized and must NOT contain any methods of subscribing or registration (log in only).
  • Success URL  (This page will not actually be displayed to the app user, but will be used by the app to recognize that the user should be granted access).
  • Test account, including username and password. This is required to provide to Apple as part of the submission process in order for the app to be approved.

Guidelines for Mobile Optimized Login Page:

Mobile browsers require simple and clean HTML in order for the page to display and function properly.  Often times, the login page that is used for standard web browsing will not render on mobile devices. Some publishers choose to create a new login page specifically for mobile devices, per our recommendation.  This alleviates the need to try to balance the elaborate HTML that many publishers prefer to have on a standard web browser with the limitations of mobile browsers.

Here are some guidelines for creating your mobile optimized login page:

  • Create simple HTML.
  • Remove any extra or unneeded div tags and tables.
  • Do not use HTML that is created from programs such as Microsoft Word or Dreamweaver as these tend to create HTML that is not clean and simple.
  • Do not include Flash on this page, as it will not display on mobile devices.
  • Test the login page on both a mobile Safari browser and a mobile Android browser to confirm that the page displays and functions as expected.
  • Must be secure (HTTPS).
  • May NOT contain methods for subscribing or registering.
  • Should only contain option to log in.

Guidelines for the Success URL:

The success URL is a critical piece to making Publisher Site Login work properly.
Here are some guidelines for creating your success URL:

  • The success URL must be a static URL, meaning it cannot change from user to user.
  • The success URL cannot be the same as the login page. Pages that dynamically display content depending on a users log in status will not function in the app correctly.
  • If any type of identifier is used in the success URL, it must be included after the base URL.

Technical Explanation:

From a technical standpoint, the way our apps determine log in success is as follows:

  1. When a user attempts to access any portion of the app that contains restricted content, the app opens a web view containing the login URL.
  2. Every time the user visits a new page within the web view, the app reads the URL.
  3. If the URL matches the success URL using the regular expression ~ /^$success_url/   we immediately close the window and grant access to all restricted content within the app.

*Note: GTxcel only checks that the URL visited by the user starts with the success URL that was provided.

Example: If your success URL is http://website.org/success 

we will still grant access to http://website.org/success/myaccount, 
http://website.org/success.html or http://website.org/success?key=value&key2=value.
Need Help?
The Digital Help Desk is the process for communicating with GTxcel regarding new title setups, questions, and technical issues for the Web Reader and/or Apps.

You can submit a request to us through the Request Help button located in the Publisher Dashboard or call the support number: 800-609-8994, option 3.
Contact Us GraphicContact Support
8AM - 5PM EST
Monday to Friday
800-609-8994, option 3
Response Times
General Question/Requests – A Customer Success team Member will begin working on your request within one to two hours of receipt. We will complete the request as soon as possible; we aim to have all requests completed within 24 hours.