If you would like to use Chargebee’s customer portal details to authenticate the customer in your application or to password protect your pages using customer portal username and password, you can make use of our Portal Sessions API for this use case.
This is how to set this up:
Users should be redirected to the portal login URL when they are to login to your app - https://yourdomain.chargebeeportal.com/portal/login, by passing the following parameters:
return_url - URL the users should be redirected to upon successful authentication.
cancel_url - URL the users should be redirected to when they want to go back to your website during login.
If your Chargebee site is labs-test.chargebee.com, and the website you want to redirect is http://chargebee.com, the URL would be
The domain name used in the Return/Cancel URL should be added as a 'Whitelisted Domain' in Chargebee. Add just the domain name in Chargebee and not the entire URL: E.g. yourdomain.com.
This can be done under Settings -> Hosted Pages Settings -> Whitelist Return URL
Upon successful authentication, a session is created for the user and Chargebee redirects the user to the return_url along with the following parameters:
auth_session_id - Identifier to the authenticated session.
auth_session_token - Token for the session which should be sent later to activate this session.
Here’s a sample URL for reference, for the test call given above:
Using the auth_session_id & auth_session_token, you should call Activate a Portal Session API to validate the session details. You would also receive another parameter called has_active_subscription which would tell you if the user has an Active subscription or not. Based on this, you can create a session for that user in your website and provide them access to their content.
Note: The customer must be present in Chargebee and they must have already activated their portal account (By verifying their email address and setting their password) prior to this.