Connect


The Connect Plugin enables businesses to sign up and log in their customers to different loyalty programs under the OpenID Connect standard.

Fanmiles
Miles & More

The Fanmiles Connect Plugin requires developers to use a different API domain. Development environment: https://graph.alpha.fanmiles.com. Production environment: https://graph.fanmiles.com.

| Brief | Link |
| --- | --- |
| Uplyft Account | https://my.uplyft.com |
| OpenID Connect | https://openid.net/connect |
| JWT | https://jwt.io |
| Demo | https://connect-client-qat.fanmiles.com |

Overview

The Fanmiles Connect Plugin provides an easy way for people to sign up or log in to your app with their Fanmiles Wallet credentials. It also allows you to access essential user account information for your Fanmiles-built loyalty program, such as the Fanmiles Wallet Address, which is required to reward your customer with Fanmiles using our Uplyft Graph API. This convenient experience leads to higher conversion rates and allows you to immediately start rewarding people for their activities in your apps.

Fanmiles Connect Structure

User Experience

To provide a great onboarding experience in your app, it is essential that you first show the value of connecting with Fanmiles. It is important that people understand what they get after they have connected with Fanmiles.

UX/UI Flow - Example Adidas

Permissions

When a person logs into your app via Fanmiles Connect, you can access a subset of that person's data, such as the username and the Fanmiles Wallet Address (Fanmiles ID). The person has to explicitly allow access to this profile data and can cancel the process, in which case you will not be able to reward the user.

Access and Open ID Tokens

After connecting through Fanmiles Connect, you will receive an access token for the connecting user. An access token is an opaque string that identifies a Fanmiles Wallet user. To ensure the privacy of Fanmiles users, the access token is required for all Fanmiles API calls to the /me endpoint. Access tokens must be obtained via Fanmiles Connect. The token includes information about when the token will expire and which app generated the token.

{
  "id_token": "{jwt-token}",
  "access_token": "{access-token}",
  "expires_in": "7200",
  "token_type": "Bearer"
}

Authentication Request with Implicit Flow

Pre-condition

  • You have access to an Uplyft Business Account that has permissions for the Fanmiles Loyalty Network via https://my.uplyft.com.

  • You have to create an app with the app name and at least one redirect URI, to obtain a valid app_id and app_secret.

Flow description

  • Client prepares an authorization request containing the desired request parameters.

  • Client sends the request to the Fanmiles authorization server.

  • Fanmiles authorization server authenticates the user.

  • Fanmiles authorization server obtains end-user consent/authorization.

  • Fanmiles authorization server sends the end-user back to the client with an ID Token and, if requested, an access token.

  • Client validates the tokens and retrieves the Fanmiles Wallet Address (Fanmiles ID) and username.

You can find all details on the official OpenID Connect project page: https://openid.net/connect

Example of Authentication Request

<!-- HTML: "&" separators are written as "&amp;" inside the attribute value -->
<a class="fanmiles" id="connect"
href="https://connect.fanmiles.com/auth?client_id={id}&amp;response_type=id_token+token&amp;nonce={nonce}&amp;scope=openid+profile&amp;redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb&amp;state={random-string}">Connect</a>

Example of /me call

# Obtain user profile info (URL quoted so the shell does not interpret "?" or the braces)
curl -X GET "https://connect.fanmiles.com/me?access_token={valid-token}"

Request Parameters

| Parameter | Required | Description |
| --- | --- | --- |
| client_id | yes | OAuth 2.0 Client Identifier valid at the Authorization Server. |
| response_type | yes | This value consists of id_token and token, as a space-delimited list. This requests that both an Access Token and an ID Token be returned from the Authorization Endpoint. |
| nonce | yes | String value used to associate a Client session with an ID Token, and to mitigate replay attacks. Sufficient entropy MUST be present in the nonce values used to prevent attackers from guessing values. One method to achieve this is to store a cryptographically random value in HTML5 local storage and use a cryptographic hash of the value as the nonce parameter. In that case, the nonce in the returned ID Token is compared to the hash of the value in local storage to detect ID Token replay by third parties. |
| scope | yes | OpenID Connect requests MUST contain the openid scope value. Profile scope is OPTIONAL but if not passed then no Fanmiles user identification parameters will be given (fanmilesId or username). |
| redirect_uri | yes | Redirection URI to which the response will be sent. This URI MUST exactly match one of the Redirection URI values for the Client pre-registered at the Fanmiles Connect Provider Server. |
| state | no | Opaque value used to maintain state between the request and the callback. Typically, Cross-Site Request Forgery (CSRF, XSRF) mitigation is done by cryptographically binding the value of this parameter with a browser cookie. This parameter is not required but recommended. |

All other request parameters that are part of the OpenID Connect standard are optional and should not be used for now.
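The nonce and state handling described in the parameter table, together with the client-side token checks from the flow description, as an added example that is not Fanmiles code. It uses Node's crypto module so it runs offline (a browser client would use Web Crypto and localStorage instead). The function names and the delivery of the response as URL fragment parameters, as in the OpenID Connect implicit flow, are assumptions.

```javascript
const crypto = require('node:crypto');

const AUTH_ENDPOINT = 'https://connect.fanmiles.com/auth'; // from the page
const sha256 = (s) => crypto.createHash('sha256').update(s).digest('base64url');
const rand = () => crypto.randomBytes(32).toString('base64url');

// Step 1: build the request. `secret` and `state` stay on the client
// (local storage / cookie); only the HASH of `secret` is sent as the nonce.
function buildAuthRequest(clientId, redirectUri) {
  const stored = { secret: rand(), state: rand() };
  const q = new URLSearchParams({
    client_id: clientId,
    response_type: 'id_token token',
    nonce: sha256(stored.secret),
    scope: 'openid profile',
    redirect_uri: redirectUri,
    state: stored.state,
  });
  return { url: `${AUTH_ENDPOINT}?${q}`, stored };
}

// Constant-time comparison; hashing first gives equal-length buffers.
function same(a, b) {
  return crypto.timingSafeEqual(
    Buffer.from(sha256(String(a))), Buffer.from(sha256(String(b))));
}

// Step 2: check the callback fragment against the stored values.
// The ID Token signature must also be verified with the provider's keys
// before any claim is trusted; the page gives no key location, so that
// step is not shown here.
function checkCallback(fragment, stored, clientId, nowSec = Date.now() / 1000) {
  const p = new URLSearchParams(fragment.replace(/^#/, ''));
  if (!same(p.get('state'), stored.state)) throw new Error('state mismatch');
  const parts = (p.get('id_token') || '').split('.');
  if (parts.length !== 3) throw new Error('malformed id_token');
  const claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  if (!same(claims.nonce, sha256(stored.secret))) throw new Error('nonce mismatch');
  if (![].concat(claims.aud).includes(clientId)) throw new Error('wrong audience');
  if (!(claims.exp > nowSec)) throw new Error('token expired');
  return { claims, accessToken: p.get('access_token') };
}
```

A failed check means the response is discarded and the stored secret and state are deleted, so a replayed or forged callback never reaches the /me call.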

If you need more help, simply contact our developer support at support@uplyft.com.

Not available yet.

If you are interested in using this plugin for this program, please contact us at support@uplyft.com.