Retrieving the Blue Cedar username from JavaScript

This article covers the usage of JavaScript API calls available to secured apps. Currently the only API available is a JavaScript property to get the username of the enrolled user.

PropertyValueNotes
bcninfo.usernameString representing the username used to authenticate to the Blue Cedar Gateway. This will typically be the value of the common name of the enrollment certificate when using certificate enrollment.This value is security restricted and is only accessible to web sites that are trusted to received identity information. Sites must be listed in the "Host White List" of the Client Certificates section of the Policy Console UI.

Step-by-step guide

To use the Lighthouse SDK JavaScript API:

  1. Configure the "Client Certificates Profile" to trust the websites to which identity information should be shared. Tip: if you are having trouble, try setting a host pattern of "*" to debug whether issues are caused by unknown origins. See Client Certificates documentation for more information about Client Certificates profiles.

  2. Write JavaScript code that reads the "bcninfo.username" property. In a secured app that has been configured to share identity information, this property returns a string matching the name of the enrolled user.

Examples

Example configuration of a policy console:

Example HTML using the API:

<html>
  <head>
    <script>
      function showUsername() {
      document.getElementById("username").innerHTML = "Received the following username from JavaScript Lighthouse SDK bcninfo.username property: <b>'" + bcninfo.username + "'</b\
>";
      }
    </script>
  </head>
  <h1>JavaScript Lighthouse SDK</h1>
  <div id="username"></div>
  <button onclick="showUsername()">Get Lighthouse SDK Username</button>
</body>
</html>

Example screenshot of the example HTML in a secured app: