Last modified: July 12, 2010

Applies to: Office 2007 | Outlook 2010 | SharePoint Server 2010

Logs on to the social network site by using forms-based authentication.

HRESULT _stdcall LogonWeb([in] BSTR connectIn, [out] BSTR* connectOut);


[in] A string that is null, an URL to a logon form on the web, or a string that contains logon credentials, depending on the context in the logon process when this method is called.


[out] A string that contains logon credentials.

The OSC calls the LogonWeb method only if the provider indicates that it supports forms-based authentication. The provider indicates that it requires forms-based authentication by setting useLogonWebAuth as true in the XML for capabilities. If the provider sets useLogonWebAuth as false, the OSC uses basic authentication and calls the ISocialSession::Logon method.

Logging on to a social network site by using forms-based authentication involves calling the LogonWeb and ISocialSession::GetLogonUrl methods in a specific order:

  1. The OSC calls LogonWeb the first time, passing null to the connectIn parameter.

  2. The provider raises the OSC_E_AUTH_ERROR error to the OSC.

  3. The OSC next calls GetLogonUrl.

  4. The provider returns the appropriate URL to a logon page in the GetLogonUrl method.

  5. The OSC uses the URL returned by GetLogonUrl to display the forms-based logon page.

  6. The OSC then calls LogonWeb a second time, passing the URL to the logon form in the connectIn parameter.

  7. If authentication succeeds, the provider returns logon credentials in the connectOut parameter to the OSC. If authentication fails, the provider raises the OSC_E_AUTH_ERROR error to the OSC.

If the OSC provider supports logging on using cached credentials, it specifies useLogonCached as true in the capabilities XML. The provider should place any logon credentials in the connectOut string that the provider wants the OSC to store across connections. The OSC does not interpret the connectOut string. After the OSC verifies that useLogonCached is true, the OSC encrypts the string for security before storing it in the Windows registry. The OSC passes this string to the connectIn parameter on subsequent attempts to log on to the social network by calling ISocialSession2::LogonCached.

For information about error codes, see Outlook Social Connector Provider Error Codes.