We’ve got an asp.net mvc website that is currently in a private beta state. As such we are sending out invite codes that must be supplied as part of the registration process for registration to succeed. We’d like to reduce the bar of entry such that users only have to supply the code to gain access rather than going through a more laborious registration process. We do have anonymousIdentification enabled, and as such, I assume that these users would remain anonymous.
Is it possible to somehow differentiate between a plain-old anonymous user and one that has supplied the correct code? For instance, can anonymous users be added to a role? Any other suggestions?
Are you expecting your users to return beyond the first session and be identifiable? The best you can do is store things in a client-side cookie. If those are nuked, the user needs to re-establish themselves when (re)visiting your site. OR you’re asking them to re-enter their validation code, which could then be shared with others — not really an option.
I totally get the lower-the-bar requirement. I would suggest making your account setup minimal and easy — email + password, for example. Use the invitation code to restrict access to the account page, then mark it off the list when the code has been used (map the new userId to the invitation code.)
You’ll get a head-start on your account signup process (perfect for beta testers) and won’t have to create something that’s entirely a throwaway.