PART 2 - JWT - ReferenceId passed in JWT
Generating an Authentication JWT with ReferenceId
After the BIN Intelligence API response is received, the integrator must generate an Authentication JWT with the ReferenceId received in the response. The Authentication JWT and the DeviceDataCollectionUrl must be sent up to the merchant's frontend in order to complete the Device Data Collection requirement. In addition, the integrator can also include a ReturnUrl as a root level custom claim in order to receive the response from Device Data Collection Url.
Example of the Authentication JWT with a root level ReturnURL custom claim
{
"jti": "7b9e0f50-a4a7-11e8-91e8-795883ca8f10",
"iat": "1534789987",
"iss": "Midas-TwoDotOh-Key",
"OrgUnitId": "59c2745f2f3e7357b4aa516a",
"ReferenceId": "60b98564-2faa-4d39-9c41-ce913ba3be99",
"ReturnUrl": "http://localhost:8189/cart/enterprise/collect-term"
} |
Initiating the DeviceDataCollectionUrl
Now that you have successfully called the BIN Intelligence API to start the Device Data Collection session, generated an Authentication JWT, you will need to pass the Authentication JWT and Device Data Collection URL up to your frontend. The front end is the location required to initiate the DeviceDataCollectionUrl because this url needs access to the Consumer's browser in order to invoke Method Url. You will need to initiate a form post in a hidden iframe to the Device Data Collection URL that was passed up from your backend system and the Authentication JWT as a post parameter.
<iframe name="collectionFrame" height="10" width="10" style="visibility: hidden; position: absolute; top: -1000px; left: -1000px;"></iframe>
<form id="collectionForm" target='collectionFrame' name="devicedata" method="POST" action="https://centinelapistag.cardinalcommerce.com/V2/Cruise/Collect">
<!-- POST Parameters: is the JWT which is the Authentication JWT with the ReferenceId from the BIN Intelligence API Response -->
<input type="hidden" name="JWT" value="Authentication JWT generated per specification" />
</form>
<script>window.onload = function () {
// Auto submit form on page load
document.getElementById('collectionForm').submit();
}
</script> |