Initiating a Cardholder Session
When taking advantage of the Triple White Label UI, it is necessary to authenticate the end user (customer) with Triple in order for the platform provide adequate targeting & personalization, and to track offer activations.
As a Publisher you will have to implement the following flow to be executed when a customer is passed to the Triple White Label UI.
Step 1 - Requesting a partner token
You will have to request a Triple Partner Token using the specific client_id and client_secret provided by Triple.
You can obtain a Triple Partner Token by making a x-www-form-urlencoded POST request to either:
- Sandbox: https://auth.sandbox.tripleup.dev/oauth2/token
- Production: https://auth.tripleup.dev/oauth2/token
The complete procedure is detailed in the Getting Started > Step 1: Authentication
Step 2 - Initiate a user Session
After obtaining the Triple Partner Token, you will have to create a JWT session token specific to the user.
You can obtain the User Session Token by making a POST request to either:
- Sandbox: https://ui-api.partners.sandbox.tripleup.dev/initiate-session
- Production: https://ui-api.tripleup.dev/initiate-session
curl --location 'https://ui-api.partners.sandbox.tripleup.dev/initiate-session
' \
--header 'Authorization: Bearer my_triple_partner_token' \
--header 'Content-Type: application/json' \
--data '{
"card_account_id": "triple'\''s card_account_id",
"token_expiry_duration": 60,
"default_postal_code": "90210"
}'
You can also iniate a session using a combination of external_card_account_id and external_card_program_id
curl --location 'https://ui-api.partners.sandbox.tripleup.dev/initiate-session
' \
--header 'Authorization: Bearer my_triple_partner_token' \
--header 'Content-Type: application/json' \
--data '{
"card_account_external_id": "the publisher-set card account id",
"card_program_external_id": "the publisher-set card program id",
"token_expiry_duration": 60,
"default_postal_code": "90210"
}'
Optional properties:
token_expiry_duration: Duration the user session token is valid for. The default and maximum value is 60 minutesdefault_postal_code: The postal code to use for offers localization if location services are unavailable/not granted
The response will include a session token as well as properly formatter redirect URLs.
{
"baseUrl": "https://{my_custom_domain}.rewards.tripleup.dev",
"redirectUrl": "https://{my_custom_domain}.rewards.tripleup.dev?token={token}",
"redirectUrl2": "https://{my_custom_domain}.merchant-rewards.com?token={token}",
"token": "{JWT_token}"
}