Versions Compared

Old Version 21

changes.mady.by.user Robert Straus

Saved on

compared with

New Version Current

changes.mady.by.user Sarah Holst

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Identity v3 (Powered by Auth0)

Aspenware Identity v3 - (Powered by Auth0) marks a significant leap forward in secure, reliable, and modern identity features for our valued customers. In addition to the basic login & sign-up features, this product includes customer matching logic that will help reduce duplicate customers and account for any merging of customers in RTP.

As part of Aspenware’s ongoing commitment to safety and efficiency when rolling out new products and features, we will closely monitor and evaluate data in Auth0 and in Google Analytics. This ensures smooth operations and a seamless experience for all stakeholders. However, this is just the beginning. In 2024, we plan to make massive inroads at numerous other Auth0-supported features like Passwordless and Social Sign-in to reduce any friction at login or signup.

...

What is Auth0?

Auth0 is an identity access management (IAM) provider. An IAM solution is a gatekeeper to the resources you provide to customers as web applications, APIs, etc, adding layers of authentication to secure your users’ digital identities and your product. The Auth0 identity platform supports regular web, mobile, or machine-to-machine apps.

The Identity v3 (Powered by Auth0) identity platform allows Aspenware to customize login services to fit your business, technology, and customer base.

...

  • Email (In RTP, this is an email profile)

  • First

  • Last

  • Date of birth

If the customer matched to only one (1) customer in the POS, Aspenware will send an email to the customer for them to verify that they are the owner of that email. Once verified, the customer will then be matched. The new Auth0 user account will be associated to the customer record found in the POS, and they can then sign in and purchase products on the resort commerce site.

...

Some guests may have forgotten which email the they used to sign - up with originally. If this feature is enabled, Resorts resorts can allow a guest guests to look up their email by inputting their pass number, as seen below. To enable this function, Aspenware will set the setting: "passMediaLookupEnabled": true, "customerIdLookupEnabled": true. Once . Aspenware will configure Auth0 to enable this function so that once the user selects ‘Lookup email by pass number,' they will be directed to another page to input their pass number, seen as shown below.

...

...

Creating an Account with a Pass

Though While account creation with a pass is supported in Identity v2, creating an account with a pass in Identity v3 is much (Powered by Auth0) offers a more intuitive and obvious. The benefit streamlined experience. One of the key benefits of signing up with a pass is that the guest will be able to potentially guests can easily link new purchases to their existing pass.First, the guest will input

How it Works:

  1. Enter Pass Number: Guests begin by entering their pass number

...

  1. . Aspenware will

...

  1. check

...

  1. if an account already exists

...

  1. for the guest

...

  1. .

  2. Email Profile Verification: If no existing account

...

  1. is found, Aspenware will then verify if there is an email

...

  1. associated with the guest's profile in RTP|One.

  2. Email Invitation: If an email is found, Aspenware will send

...

  1. a verification email

...

  1. inviting the guest

...

  1. to confirm their identity.

  2. Account Creation: The guest verifies their account by accepting the email invite

...

  1. , setting up a password

...

  1. , and completing their customer profile information

...

  1. . Once these steps are completed, the sign-up process is done!

image-20240501-164032.pngImage Modifiedimage-20240501-164213.pngImage Modifiedimage-20240513-191236.pngImage Modifiedimage-20240501-164449.pngImage Modified

If the guest already has an account, they will be redirected to sign-in if it’s been determined that an email exists in the auth profile in RTP|One for that pass.

...

If the a guest enters a valid pass number, but the customer pass is not associated with the pass doesn’t have an email, they cannot verify they own the pass and hence, Aspenware will prevent them the guest from signing up with that pass. This is to prevent safeguard ensures that individuals who may have picked up this pass off the ground or through other means to create an account with found or obtained someone else's pass . These individuals cannot create an account with it.

In these cases, guests will be asked prompted to call contact the resort for assistance in verifying and linking their pass to their account.

...

Bot Detection

Bot detection and preventing brute force attacks is out-of-the-box functionality that Aspenware will enable Auth0 provides built-in bot detection and protection against unauthorized login attempts that can be enabled for partner resorts. For any suspicious When suspicious activity is detected, such as from certain IP addresses, Auth0 will present a ‘challenge' to the user to check a box that they are indeed prompt the user with a simple challenge, such as checking a box to confirm they are human.

Single Sign-On

Single Sign-On

...

  • Themes are applied per store

  • GTM IDs are applied per store

  • Logins are applied per store

Rewards

The rewards Rewards module in RTP|One is connected to integrated with Aspenware Identity v3 (Powered by Auth0). If a resort wants chooses to enable a rewards program and enroll guests, an enrollment checkbox will appear on during the create customer profile screen. This will then creation process. When selected, this will communicate directly with RTP and create an enrollment status of ‘true’ in the module. |One and set the guest's enrollment status to "true" in the Rewards module.

Please note that the resort must setup configure their own Rewards module in RTP|One before Aspenware would enable can activate this feature on in the sign-up flow.

Google Analytics

We will track the following google analytics events based on the page location and user action indicated.

...

Title

...

Description

...

Location

...

Type (Page/Event)

...

Sign-in Page

...

When a customer views sign in page

...

Auth0

...

Page View

...

Forgot password page

...

Customer view ‘forgot password’ page

...

Auth0

...

Page View

...

forgot_password_select

...

Customer selected ‘forgot password’

...

Auth0

...

Event

...

forgot_password_submitted

...

Customer sent email to themselves to reset password

...

Auth0

...

Event

...

signin_attempt

...

Customer selects ‘continue’ from sign in

...

Auth0

...

Event

...

signin_error

...

Customer experiences a sign in error, such as password didn’t match, account exists, etc.

...

Auth0

...

Event

...

successful_login

...

Customer has been authenticated and directed to shop successfully

...

AW Cloud UI & Commerce

...

Event

...

signup_selection

...

Customer selects ‘sign up’ in auth0

...

Auth0

...

Event

...

Sign-up Page

...

Customer views sign up page

...

Auth0

...

Page View

...

signup_attempt

...

Customer selects ‘continue’ after input email/password when creating a new account

...

Auth0

...

Event

...

signup_success

...

Customer is successful in creating new account in auth0

...

Auth0

...

Event

...

auth0_account_error

...

Error occurred during sign up in auth0 such as email in use, API error.

...

Auth0

...

Event

...

Customer profile page

...

Customer views create customer profile page

...

AW Cloud UI

...

Page View

...

customer_match

...

Customer submits create profile and is matched to an existing customer in RTP (1 or many)

...

AW Cloud UI

...

Event

...

Customer match (1) page

...

Customer views ‘verification needed’ page after match

...

AW Cloud UI

...

Page View

...

Customer match (many) page

...

Customer view ‘call resort’ after being matched to multiple customers in RTP

...

AW Cloud UI

...

Page View

...

create_profile

...

Customer is successful in creating new customer

...

AW Cloud UI

...

Event

...

Update_Customer_Profile_Error

...

Customer experienced an error at creating a new customer

...

AW Cloud UI

...

Event

...

account_lookup

...

Customer selects ‘look up account with pass’

...

Auth0

...

Event

...

account_found

...

Customer inputs a valid pass and found an account

...

Auth0

...

Event

...

account_notfound

...

Customer input an invalid pass or no account found

...

Auth0

...

Event

...

signupwithpass_invitesent

...

Customer inputs correct pass, has email on file, and has no auth profile

...

Auth0

...

Event

...

Property: error_accountexists

...

Customer inputs a valid pass but account exists

...

Auth0

...

Event

...

Property: error_incorrectnumber

...

Customer inputs a invalid pass number and nothing found.

...

Auth0

...

Event

...

error_noemail

...

Customer inputs a valid pass but no email profile exists to verify

...

Auth0

...

Event

...

Add password

...

When a guest lands on the add password screen

...

 

...

have added Google Analytics tracking to Identity v3. For more information on the specific additions to the data layer, see Identify v3 (Powered by Auth0) Configuration Guide.

Monitoring & Alerting

Aspenware has set up implemented performance monitoring through using Application Insights. Internal teams at Aspenware will be alerted receive alerts if there are any performance degradations issues arise, such as multiple sign-in failures (e.g., 10 sign-in failures within 5 minutes). Aspenware will assess performance on a regular basis to determine trends and consult with Auth0 to determine continual improvements in the system to ensure the delivery of regularly evaluates system performance to identify trends and works closely with Auth0 to continuously improve the platform, ensuring optimal performance for resort partners.

...

Aspenware will notify the resort if there are any significant performance issues affecting Identity v3.

  • During office hours

    • Service representative Customer Success Representative to notify resort after being notified via Slack.

  • After office hours

    • On-call representative Representative will notify resort after being notified via Slack.

...

All existing (and new) 3rd party applications from Identity v2 are may be added to Identity v3. There are additional requirements and collaboration required between the resort and Aspenware to set up, as listed below:

Steps for Onboarding 3rd Party Applications

...

Resort completes the application section on the onboarding form and sends to Aspenware.

  1. Application Description

  2. Application type

  3. Callback URL

  4. Logout URL

  5. withScheme

...

See the Identify v3 (Powered by Auth0) Configuration Guide for details about setup of this feature.

Aspenware will provide

...

Resort Dev team to set up application using Auth0 guidelines

...

Resort Dev team to test

The documentation for setup can be found /wiki/spaces/PLA/pages/3188031491documentation and consultation if/when resorts wish to migrate their applications to using Identity v3 (Powered by Auth0). Please contact your Aspenware Service Agent for more information.

Theming

Aspenware will theme the resort Auth0 pages based on the criteria submitted via Theme Designer. If the resort is a current Aspenware customer, most of the information can be utilized from Identity v2, but some new information will be required.

...

Currently, the following functions are not supported with Identity v3 (Powered by Auth0):

  • RFID Account Lookup

  • Usernames

  • Rewards

  • Siriusware Integration

Guests will continue to see the Identity v2 page when using Arrival or 3rd party applications. All credentials will be validated and stored in RTP|One until a future release.

...

Have Questions?

Check out our Frequently Asked Questions page or contact your Aspenware Service Agent.