Logging in your users

Logging in users is one of the most important parts of integrating with BaseKit. Whilst log in can be a very simple process, so too can it be enhanced to provide users with a more bespoke experience befitting of your particular business model.

Using the API is the most powerful and customisable way to log in your users, if you’re happy with something simpler you might want to instead consider our BaseKit log in widget.

Simple log in

Obtaining a log in hash

To log in a user you’ll first need to generate them a log in hash using POST /users/:userRef/auto-login. When you have the hash you will use it to construct a URL that will create a session for the user and take them to a particular destination.

Using a log in hash

The simplest means of using the generated hash is to append it to a user’s domain in the format http://www.site-domain.tld?hash=abcdef123456. This works with both desktop (V6) and responsive (V7) sites.

By default V7 sites will go straight to the editor upon log in. V6 sites will do the same unless a template has not yet been selected for that site, in which case the destination will instead be the template picker.

The flow engine

The alternative means of using the generated hash is to use it with the ‘flow’ subdomain of your brand domain in the format https://flow.brand-domain.tld/login?hash=abcdef123456&siteRef=123.

The flow subdomain enables usage of the flow engine, a system that can decide where in the application to send the user based upon both brand and the state of the user’s site. Each flow has its own set of criteria that enables it to determine where to send a user at certain points in their journey through the product.

Example flows include:

More information about entry flows can be obtained from your Account Manager.

The flow subdomain also enables use of persistent log in and deep linking, neither of which are available using the user’s site domain.

Persistent log in

Persistent log in allows a user to return to the product at any point within the next six months (in the same browser) without needing to log in again. Every time they do visit the six month clock is restarted. This has the effect of allowing users to stay logged in forever provided they visit at least once every six months.

Using persistent log in

Simply construct a log in URL in the normal way using the ‘flow’ subdomain, and append persistLogin=1 to it. E.g.


Things to note

There are a few things you’ll want to consider before using persistent log in that will help determine whether or not it is a suitable solution for you and your users:

Deep linking

Deep linking allows you to manually specify where to send your user after they enter the product. For instance, after a user upgrades to an ecommerce package you might want to send them straight into the ecommerce admin area so that they can begin building their new store.

Deep linking is once again used with the ‘flow’ subdomain and merely requires adding an additional parameter to the end of the usual constructed log in URL. Please ensure that you encode the parameter. E.g.


Need help?

Our teams are always on hand to assist you. For commercial enquires contact partners@basekit.com, and for technical questions integrations@basekit.com.