Learn how to password-protect Marketing Streams and Digital Sales Rooms (DSRs) in your Hub.
Before you begin
- Stream/DSR Authentication can be used with Marketing Streams and DSRs, but not Source Streams.
- To set up authentication on Marketing Streams, you need to be a member of the Account Administrators or Content Managers user groups.
- To set up authentication on DSRs, you need to be a member of the Account Administrators or Sales Reps user groups.
- This article is about Stream/DSR-level access control. For Hub-level access control, check out: Control access to Hub content with Hub Authentication.
- This feature is not available on all packs.
About Stream/DSR authentication
Most Hubs are intended to be fully open, so that any visitor can access them. If you'd rather control who can get into your Hub, you have the option enabling Hub Authentication, which prompts all visitors to enter a password before they can view the Hub.
However, this all-or-nothing approach doesn't work for all use cases: sometimes, you want a hybrid option in which most of your Hub is accessible, and only specific Streams or DSRs are gated off. If this is what you are looking to achieve, you can use Stream/DSR Authentication.
Here's a quick overview of how Stream/DSR Authentication works:
- When Stream/DSR Authentication is enabled, any visitor who tries to access that Stream/DSR (or any content within it) will be prompted to enter a password, which we refer to as a "passphrase". The Stream, DSR, or content will be displayed only if a valid passphrase is submitted.
- You can specify multiple passphrases for a stream/DSR, which allows you to provide different passphrases to different visitors (or groups of visitors). This also means you can selectively revoke access for particular users by disabling their passphrase.
- You can enable Stream/DSR Authentication on any Marketing Stream or DSR, but it can't be used on Source Streams.
Enable Stream/DSR Authentication
Stream/DSR Authentication is configured on a per-Stream/DSR basis, and the settings for each affect that Stream/DSR only.
When Stream/DSR Authentication is enabled on a Stream/DSR, only that specific Stream/DSR and the content inside will be protected, while all other Streams/Items in your Hub will still be publicly accessible.
If an Item in a protected Stream/DSR also appears in other, unprotected Streams/DSRs, it'll still remain accessible when viewed through the unprotected Streams/DSRs (accessing the same Item in the context of the protected Stream will prompt for a passphrase).
As a best practice, we recommend that you hide any Streams on which you enable Stream Authentication.
- Log in to Uberflip and click Hubs in the topbar menu
- If you have multiple Hubs, select the Hub that contains the Stream or DSR you want to enable Stream/DSR Authentication for.
- In the sidebar menu, click Content.
- In the Streams list, click on the Stream/DSR that you want to protect with a password.
- In the Stream editor page, click the Authentication tab.
(If you do not see this tab, you may not have the correct permissions add Stream/DSR Authentication)
- In the Authentication tab, switch the toggle under Enable Authentication to the on (green) position.
That's it! The change will be saved automatically, and will take effect immediately. Now, any visitor who tries to access this Stream will be prompted to enter a passphrase:
Can't see the Authentication tab on a Stream?
This might be because:
- You're viewing a Stream type that does not support authentication (i.e. a Source Stream), or
- You don't have the necessary permissions to configure Stream Authentication, or
- The Stream Authentication feature may not be supported in your Hub or pack type.
Add Stream/DSR passphrases
The next step after enabling Stream/DSR Authentication is to add at least one passphrase. No passphrase will be set by default, so until you add a passphrase, it won't be possible for anyone to access the Stream/DSR.
- Navigate to the Authentication tab on a Stream where you've enabled Stream Authentication.
- Click Add Passphrase
- The Add Passphrase modal will open. Use the fields provided to type in a passphrase and a description, then click on Add.
- Passphrases must be between 6 and 40 characters long, and must contain at least one letter (A-Z) and one number (0-9). Special characters are not required.
- The description you provide for each passphrase is displayed in the passphrases table on the Authentication tab, and can be helpful for identifying the user for whom the passphrase was created.
- Your new passphrase will be added to the passphrase list for this Stream, and will take effect on the Stream immediately.
- You can repeat this process to add additional passphrases, if needed.
- Adding multiple passphrases is useful if you want to provide separate passphrases to different users (or groups of users), so that you can revoke access for just that user/group later (by deleting the corresponding passphrase).
Manage Streams/DSRs with Authentication
To see more information about Stream/DSR Authentication on a given Stream/DSR, open that Stream or DSR and click on the Authentication tab. On this tab, you can view every currently valid passphrase for the Stream/DSR, along with:
- The passphrase itself
- Its description text
- The Hub user who created the passphrase
- The date when the passphrase was created
Edit and delete Stream/DSR passphrases
After you've added passphrases for a Stream/DSR, you can also change those passphrases at any time, or delete any existing passphrase.
- Navigate to the Authentication tab on a Stream/DSR where you have enabled Stream Authentication.
- To edit a passphrase, hover your mouse over it and click on the Edit button .
- To delete a passphrase, hover your mouse over it and click on the Delete button .
When you delete a passphrase, anyone who has previously logged in with that passphrase will still be able to access the Stream or DSR until they end their session (i.e. until they fully close their browser), or delete their cookies.
Note that it is not possible to force-logout visitors who previously accessed the Stream or DSR with a now-disabled passphrase.
Disable Stream/DSR Authentication
You can disable Stream/DSR Authentication anywhere it's currently enabled at any time.
- Navigate to the Authentication tab on a Stream where you have enabled Stream/DSR Authentication.
- Switch the toggle under Enable Authentication to the off (grey) position.
- The change will take effect immediately, and visitors to this Stream/DSR will no longer be prompted for a passphrase.
When you disable Stream Authentication for a Stream, any currently configured passphrases (i.e. those listed in the passphrase table) will not be deleted. As a result, those passphrases will take effect again immediately if you re-enable Stream/DSR Authentication for that Stream or DSR.
- Enabling Stream/DSR Authentication on a Stream/DSR will also automatically configure the Stream/DSR so that search engine robots are not allowed to crawl it. This will be reflected on the Streams list (i.e. the Stream will show as no-index/follow). However, note that the toggle shown next to the No Robots Meta Tag setting on the Stream's Options tab won't change.
- If you want, you can override the appearance of the Stream/DSR Authentication login page to style it in any way you like by using custom code.
- If you enable both Hub Authentication and Stream Authentication at the same time, they'll be in effect independently. In other words, entering the Hub password will not also provide access to any protected Stream: each Stream with Authentication enabled will still prompt for a passphrase.
- Stream Authentication can also be enabled on DSRs via Sales Assist.