Sign In with Dombox
"Sign In with Dombox" is a privacy-focused alternative for "Sign in with Google" and "Sign in with Facebook". "Sign In with Dombox" offers only minimal data to websites and apps with user permission.
Demo
Portal
Portal can mean many things. e.g. Web portal. But we are using the term Portal in the science fiction context.
You might have seen the portals in movies. In the movie Avengers, they use a Vertical Portal to travel between planets. But in the movie Dr. Strange, they use Horizontal Portals to travel between places on earth.
We're using the term "Portal" because the consumers save their time by skipping the process like filling registration forms, Creating a contract, Creating a Combox, Verifying emails etc. Consumers also skip the Login forms while logging in.
Select Domain
Portals cannot be created for unverified domains. You need to verify your domain first before creating a portal.
Every portal will be linked to a domain. In the select domain page, the business owner needs to select the domain from the domain field. Only verified domains, are available for selection.
Portal Info
In Portal Info page, the business owner enters the Portal Name and Redirect URIs.
A domain can have unlimited portals. But for most domains, only one portal is enough. For example, an educational website can have a portal for students and another portal for teachers. To prevent confusion, the business owner should give a portal name to identify the portal properly.
For security reasons, all portals must have at least one Redirect URIs. The business owner needs to provide that.
If you have any plans to deploy the portal app in Native mobile applications or Javascript only applications, then it requires "implicit grant" in order to work. In such cases, the Business Owner can Opt-In by checking the "Allow Implicit Grant" checkbox.
Note: Check "Allow Implicit Grant" checkbox, only when you need this option. Implicit Grant provides low security. This is disabled by default for security reasons.
Portal Type
Non-Contracting Portal - These are Normal Portals. Dombox addresses are not tied to any contracts.
Contracting Portal - These are Exclusive Portals. Dombox addresses are tied to contracts. [Learn more about "Contract with Dombox"]
Site Links
In the Site Links page, the business owner enters the relevant site links.
These links will be displayed to consumers. So they can check the links before signing up to the website.
The Business owner should provide the Privacy Policy Page URL, Terms Of Service Page URL, Pricing Page URL.
Required Data
Scroll down to lean more about the data.
Privacy
If your project is under development, don't set the portal to "Public".
Configure Client
Configure portal client to accept signups
Data Classifications
User Data is classified into three categories.
Data | Sensitivity |
---|---|
Green Data | Low |
Yellow Data | Medium |
Red Data | High |
Green Data
If a third party website gets hacked, the damage is nearly null in this category. This is because all data found in this category are Insensitive ones (including email address).
e.g. Back in 2013, 150 million Adobe accounts were hacked. If Adobe had only our green data, they can contact our consumers without any issues, on the other hand, this data is useless in the spammers hands. Because hacking this data is nothing more than crawling Facebook profiles.
For most websites, only Green Data is enough. If you are a website owner, keep in mind you are discouraging user signups if you request "Yellow Data" and "Red Data" without a sensible reason.
"Green Data" contains the following fields.
First Name, Last Name, Display Name, Preferred Usernames, Domkey, Email, Gender, Avatar, Age Group, Date Joined, Time Zone, Locale, Date Format, Website
Field | Description |
---|---|
First Name | Self-Explanatory |
Last Name | Self-Explanatory |
Display Name | Display name provided by the Consumer. If provided websites are advised to use this name in profile display instead of consumer's full name. |
Preferred Usernames | Some websites requires a username to create "Vanity URL". This is a comma separated value. The website can use the usernames if available |
Domkey | Explained already |
Isolated Email Address. Not the primary email | |
Gender | Consumer's Gender. It can be one of the following values. Male (M), Female (F), Others (O) |
Avatar | Avatar URL |
Age Group | Consumer's age group. If the consumer is in his/her twenties, then this value would be 20. If the consumer is in his/her thirties, then this value would be 30 and so on. The possible value would be from 10 to 120 |
Date Joined | Consumer's signup date to the Dombox mail service. |
TimeZone | Timezone value set by the Consumer. So the website can display date and time based on the consumer's time zone. |
Locale | Preferred Language Locale value set by the Consumer. If the website supports the locale, then the website user interface would use that locale. e.g The value "en_US" means US English. The value "en_GB" means UK English |
Date Format | Date format value set by the Consumer. So the website can display date based on the consumer's date format. |
Website | Website value set by the Consumer. So the business can display the website URL in profile if provided. |
Yellow Data
If a third party website that contains the yellow data get hacked, then the damage is minimal.
"Yellow Data" contains the following fields.
Date of Birth, Country, Social Links.
Keep in mind, the consumer has the option to decline Yellow Data and Red Data requests.
Yellow Data and Red Data require a valid reason for each field.
For instance, Yellow Data contains "Date Of Birth" field. If some website needs to access that data, then a valid reason is required from them. e.g. "Adult website. For age verification" is a valid reason. But "To send birthday wishes" is not.
Field | Description |
---|---|
Date of Birth | We put the "DOB" field in the "Yellow" category because it requires moderate privacy. e.g. Search results for "Name: John Smith" => 10,000 results. Search results for "Name: John Smith and DOB: 05/05/1985" => 2 results. |
Country | We put the "Country" field in the "Yellow" category because it also requires moderate privacy. e.g. Some websites may block users from a certain country. Users usually bypass that by faking the IP address with a "Proxy". So giving country data to the website in "Green Data" is not a good idea |
Social Links | Social Links are put in "Yellow" category because social profiles are prone to stalking. |
Red Data
Red Data contains highly sensitive fields. Phone Number, Billing Address, Shipping Address
These data will be helpful when signing up for e-commerce websites
Again.. the consumer has the option to decline the Red Data request.
And Red Data requires a valid reason for each field.
A portal that requests access for at least one "Red Data" field is called "Red Portal"
A portal that requests access for at least one "Yellow Data" data but not "Red Data" fields is called "Yellow Portal"
A portal that requests access for only "Green Data" fields is called "Green Portal". By default, all portals have full access to this data.