Skip to main content

Initiating a Cardholder Session

When taking advantage of the Triple White Label UI, it is necessary to authenticate the end user (customer) with Triple in order for the platform provide adequate targeting & personalization, and to track offer activations.

As a Publisher you will have to implement the following flow to be executed when a customer is passed to the Triple White Label UI.

Step 1 - Requesting a partner token

You will have to request a Triple Partner Token using the specific client_id and client_secret provided by Triple.

You can obtain a Triple Partner Token by making a x-www-form-urlencoded POST request to either:

The complete procedure is detailed in the Getting Started > Step 1: Authentication

Step 2 - Initiate a user Session

After obtaining the Triple Partner Token, you will have to create a JWT session token specific to the user. You can obtain the User Session Token by making a POST request to either:

curl --location 'https://ui-api.partners.sandbox.tripleup.dev/initiate-session

' \
--header 'Authorization: Bearer my_triple_partner_token' \
--header 'Content-Type: application/json' \
--data '{
"card_account_id": "triple'\''s card_account_id",
"token_expiry_duration": 60,
"default_postal_code": "90210"
}'

You can also iniate a session using a combination of external_card_account_id and external_card_program_id

curl --location 'https://ui-api.partners.sandbox.tripleup.dev/initiate-session

' \
--header 'Authorization: Bearer my_triple_partner_token' \
--header 'Content-Type: application/json' \
--data '{
"card_account_external_id": "the publisher-set card account id",
"card_program_external_id": "the publisher-set card program id",
"token_expiry_duration": 60,
"default_postal_code": "90210"
}'
info

Optional properties:

  • token_expiry_duration: Duration the user session token is valid for. The default and maximum value is 60 minutes
  • default_postal_code: The postal code to use for offers localization if location services are unavailable/not granted

The response will include a session token as well as properly formatter redirect URLs.

{
"baseUrl": "https://{my_custom_domain}.rewards.tripleup.dev",
"redirectUrl": "https://{my_custom_domain}.rewards.tripleup.dev?token={token}",
"redirectUrl2": "https://{my_custom_domain}.merchant-rewards.com?token={token}",
"token": "{JWT_token}"
}