SSO Widgets
Learn how to use authentication in your journey.
Overview
Embed the SSO Widgets
The SSO widget are embedded onto your site using an iFrame that is used by an applicant to create credentials or by a customer to log in. The widget UIs allow for various customer journeys. A user can be trying to create credentials in either of the following scenarios:
- At a purchase checkout, indicated by
checkout.
During a purchase checkout journey, page titles are displayed and if the user tries to create an account with a username that is already taken, the alert message will display a link to be redirected to the log in page - Not at a purchase checkout, indicated by
nocheckout.
During a non-purchase checkout journey, page titles are not displayed and if the user tries to create an account with a username that is already taken, the alert message will only warn the user, but it will not provide an option to log in.
The journey type is specified by the context optional parameter provided in the iFrame query string. By default, the user is in a purchase checkout journey unless nocheckout is assigned to context.
The widgets both accept the following parameters in the iFrame source url:
| Parameter | Description |
|---|---|
redirect_uri | Specifies where the user is redirected in some scenarios (further details in the next sections), you choose the page the user is redirected to. This is a required parameter. |
sessionId | A unique identifier mapping a session to a user. This is a required parameter. |
token | A JWT token returned from the Create Application endpoint, once the user has successfully completed an eligibility check. The token is valid for 10 minutes from creation. This is a required parameter when the user is creating credentials. |
context | Identifies whether the user is in a checkout or nocheckout journey (further details in the next sections). This is an optional parameter. |
user_name | If specified, the username input field in the create credentials journey will be pre-filled with its value. This is an optional parameter. |
When the user successfully creates credentials or logs in, the widget posts serialized data back to the redirect_uri provided in the query string. The data returned by the widget must be deserialized before usage.
Data deserialisation example
Code Sample
C#
1var payload = JsonConvert.DeserializeObject<Object>(formData["payload"])All URLs that embed the widget need to be provided so they can be added to the widget CORS policy and all redirect URIs need to be provided so they can be whitelisted.
Create Credentials Widget
To embed the create credentials iFrame, copy the code and paste it into your website when required in the journey.
Code Sample
Javascript
1 <iframe src="https://id.newdaytechnology.com/[brand]/credentials?sessionId=<sessionId>&redirect_uri=<redirect_uri>&token=<jwt-token>"></iframe>Successful response
When credentials are successfully created, the widget posts back the following data to the redirect_uri provided in the query string:
Code Sample
Node + Request
1{
2 "data": {
3 "idToken": "{{id_token}}"
4 },
5 "isSuccessful": true,
6 "message": null,
7 "errorMessages": {
8 "status": null,
9 "errors": []
10 }
11}Unsuccessful response - Token expired
The widget does not handle errors related to invalid tokens. It provides the option to post back the below data and redirect the user to the redirect_uri present in the query string. A refreshed token can be retrieved from the Refresh Token endpoint.
The widget can then be re-called by passing the refresh token in the URL parameters:
Code Sample
Javascript
1<iframe src="https://id.newdaytechnology.com/[brand]/credentials?sessionId=<sessionId>&redirect_uri=<redirect_uri>&token=<refresh-token>"></iframe>Code Sample
Node + Request
1{
2 "status": 401,
3 "errorMessage": "Token expired"
4}}Log in Widget
To embed the create log in iFrame, copy the code and paste it into your website where you want your customers to log in to their customer credit account.
Javascript
1 <iframe src="https://id.newdaytechnology.com/[brand]/login?sessionId=<sessionId>&redirect_uri=<redirect_uri>"></iframe>Successful response
When a user successfully logs in, the widget posts the below data back to the redirect_uri provided in the query string:
Code Sample
Node + Request
1{
2 "hashedUserId": "{{hashed_user_id}}",
3 "identityToken": “",
4 "expiresIn": 600,
5 "tokenType": "Bearer",
6 "refreshToken": "{{refresh_token}}",
7 "correlationId": "string",
8 "isAccountLocked": false,
9 "remainingAttempts": null,
10 "success": true
11}Unsuccessful response - Account locked
Users can attempt to log in with incorrect credentials up to 5 times before their account is locked. The widget does not handle errors due to the account being locked. However, it can optionally post back the below data and redirect the user to the redirect_uri provided in the query string:
Code Sample
Node + Request
1{
2 "status": 403,
3 "errorMessage": "User account locked."
4}Customisation
The following elements can be configured in the widgets by NewDay to match your site:
| Category | Configurable Options |
|---|---|
| Page titles | Can either be displayed or hidden |
| Fonts & colours | Fonts, font size, font colour, background colours |
| Fields | Input fields border width, radius and colour |
| CTA | CTA colour, CTA copy, CTA border-radius, CTA border, CTA border width, CTA border-colour |
| Other | Validation Messages |
The below elements are not currently configurable:
- Titles copy (e.g. Username, Passcode etc)
- Hint copy (‘This is your username you use to log in’)
- Prompt copy within the input fields (‘enter your username)
- Error messages based on API responses (e.g. Unauthorised user)
- Help copy (‘Do you already have NewPay?’)
- Retrieval copy (‘Trouble logging in?’)
Getting Started with NewDay
Quick start guides for how you can start working with NewDay as a partner and learn about the end-to-end processes of integrating with APIs.
Engagement with Commercial team
This section guides potential businesses on how to become a NewDay credit partner and explains the end-to-end on-boarding process.
Integration Guide for Developers
This section provides guidance on how to start building with NewDay i.e. how to integrate with NewDay's various deployment environments, getting access to APIs etc.
Was this page helpful?