Customer Identification

Anonymous Customers

When you properly initialize the SDK within your own Application, on first start a UUID is generated and a JWT token is retrieved for an “anonymous customer”.

Such a token is required to sign all the events that are being passed to Synerise, but in itself has no special permissions to do anything more. The token is limited to the following:

  • Tracking events
  • Customer registration
  • Customer sign-in
  • Customer password reset
  • Authentication by Facebook
  • Authentication by OAuth

This is just the minimum needed to use the basic features of the SDK. In this scenario, the Customer is fully anonymous within the system and the profile does not contain any personal information.


Recognized Customers

You can operate on personal information without fully authenticating a customer. You may have already imported customer data into Synerise, and you have personal information in the system. The data can be linked.

In such cases, you need to authenticate through your own backend systems. Before you can do that, you must merge the UUIDs from the SDK with a specific customer:

  1. Retrieve the Customer UUID generated by Synerise SDK.
  2. Process the UUID in your own backend. If you use 3rd party authorization, you may need to pass this UUID into other systems.
  3. Authorize the Customer and match their identifier (loyalty card number, email address, or another type of identifier used in your system) with the customer UUID from Synerise.
  4. Provide the Customer UUID back to Synerise with all the additional information collected through the authorization process.

We recommend this customer recognition process to advanced customers. If you are a new Synerise customer and would like to run this kind of integration, you can contact us at https://hgintelligence.atlassian.net/servicedesk/customer/portal/1.

WARNING: Sending this data directly from the Application itself is highly discouraged and may cause authorization issues.
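
The four steps above, handled on the backend as the warning advises. This is an added example, not Synerise code: the session store, the payload field names and the `send_to_synerise` callable are assumptions standing in for your own session layer and for the outbound call to Synerise.

```python
import uuid

# Constructed server-side session store: session id -> customer your backend authorized.
SESSIONS = {"sess-123": {"loyalty_card": "LC-0042", "email": "ann@example.com"}}

def canonical_uuid(value):
    """Return the UUID in canonical form, or None if it is not a well-formed UUID."""
    try:
        parsed = uuid.UUID(value)
    except (ValueError, TypeError, AttributeError):
        return None
    return str(parsed) if str(parsed) == str(value).lower() else None

def link_customer(session_id, request_body, send_to_synerise):
    """Steps 2-4: bind the SDK UUID to the customer this backend authorized."""
    customer = SESSIONS.get(session_id)                  # step 3: authorize the Customer
    if customer is None:
        return 401, "not authenticated"
    sdk_uuid = canonical_uuid(request_body.get("uuid"))  # step 1 output, sent by the app
    if sdk_uuid is None:
        return 400, "malformed uuid"
    # Identity comes from the session only. Identifiers in the request body are
    # ignored, so an application cannot attach its UUID to another profile.
    payload = {"uuid": sdk_uuid, **customer}
    send_to_synerise(payload)                            # step 4: hypothetical outbound call
    return 204, ""
```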

Authenticated Customers

Synerise offers a means to fully authenticate Customers and create customer sessions with JWT tokens that have access to all the features provided by Synerise.
Three authentication methods are supported:

Registration as a Service

Registration as a Service (RaaS) is a set of methods that enable you to implement full Customer Management in your application without any need for third party systems.

Register new Customers

If you want to use our RaaS (Registration as a Service), implement the method Client.registerAccount().
This method provides you with an option to pass all Customer Information along with any agreements and attributes at once.

The primary unique identifier used by Synerise is the email address.

Depending on backend configuration at Synerise, the registration may or may not require email confirmations.
The following registration behaviors are supported:

  • Automatic: the account is ready to use right after registration, no confirmations are required. Customer has the attribute snrs_email_confirmed set to false.
  • Email Confirmation Required: the account is ready to use right after registration, but email confirmation is required. The confirmation sets snrs_email_confirmed to true in the Customer’s profile.
  • Email Activation Required: an activation email is sent and the account cannot be used until the address is confirmed. Activation also means that snrs_email_confirmed is set to true.

Passwords

The default password policy is:

  • Minimum 6 characters
  • At least one uppercase letter
  • At least one lowercase letter
  • At least one digit
  • At least one non-alphanumeric character

Passwords are hashed with PBKDF2.

Customer login

Once a customer is registered, they can log in. To provide this option, you must implement the Client.signIn() method.

On success, the Application receives a JWT token which is valid for 1 hour (default setting).
The SDK refreshes that token while a Customer is using the Application and events are being sent (autorefresh occurs only while the token is still valid).

Note: Token longevity can be changed on request.

Customer logout

If you want to provide the Customer with a logout feature in your application, use the Client.signOut() method.
The method terminates the JWT token and kills the Customer session.

Get Customer account details

You can use the Client.getAccount() method to retrieve all information about a Customer from Synerise. You can then present that information in the app.

Tip: You can also implement our Cache Manager that provides access to Customer data stored in cache.

Update Customer account details

A Customer can update their own information. This is done by implementing Client.updateAccount().
The Customer can update most of the information, except for the email address, because it’s used as the primary identifier for the account.

Change Customer’s password

Separately from Customer information updates, a Customer may want to change their password. This is done by implementing Client.changePassword().
The current password needs to be provided first.

For a full list of available methods, see the methods reference section.


OAuth Login

You can authenticate a Customer based on your existing functionality. The customer is authenticated by your backend.

In this case, the authentication process works in the following way:

  1. A customer sign-in to the application generates an Auth request to your backend.
  2. Your backend provides the application with an access token.
  3. The access token is passed to Synerise by using the Client.authenticateByOAuth() method.
  4. Synerise passes that access token back to your System in order to check if it’s valid.
  5. In response:
    • If authentication is successful, Synerise receives Customer information such as the email, first name, last name, or other details (the data can be mapped to fields in our system)
    • If the access token is not valid, the response type is different than HTTP 2xx.
  6. If the authentication was successful, Synerise provides the Application with our JWT access token for the Customer (if this is the first time this customer is authenticated, they are also registered with the provided information).

[Figure: Customer authentication scheme (OAuth)]
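
Steps 4 and 5 depend on a validity check that your backend answers. The following is an added example of that check, not Synerise or SDK code: the HMAC-signed token format, the signing key and the response field names are assumptions chosen for illustration.

```python
import base64, hashlib, hmac, json

# Assumption: the backend signs its own access tokens with this constructed demo key.
SIGNING_KEY = b"constructed-demo-key"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(customer: dict, ttl: int, now: float) -> str:
    """Step 2: the backend hands the application an access token."""
    payload = _b64(json.dumps({**customer, "exp": int(now) + ttl}).encode())
    sig = hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).digest()
    return f"{payload}.{_b64(sig)}"

def check_token(token: str, now: float) -> tuple[int, dict]:
    """Steps 4-5: answer the validity check with (HTTP status, JSON body)."""
    try:
        payload, sig = token.split(".")
        expected = hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).digest()
        # Verify the signature before trusting anything inside the token.
        if not hmac.compare_digest(expected, _unb64(sig)):
            return 401, {"error": "invalid_token"}
        claims = json.loads(_unb64(payload))
        if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
            return 401, {"error": "invalid_token"}      # expired or missing expiry
        email = claims["email"]
    except (ValueError, KeyError, TypeError, AttributeError):
        return 401, {"error": "invalid_token"}          # malformed input is never 2xx
    # Return only the fields that are meant to be mapped into the profile.
    return 200, {"email": email, "firstName": claims.get("first_name"),
                 "lastName": claims.get("last_name")}
```

Every failure path returns the same non-2xx answer, so the response does not reveal whether the signature, the expiry or the format was at fault.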

When the Customer is authenticated with a JWT token in your application, you can start using all methods and features provided by the SDK.
You can retrieve customer details by using the Client.getAccount() method or update more of their personal information by Client.updateAccount() in the same way as available in Registration as a Service.


Facebook Login

For Applications that rely on Facebook Login for authentication, Synerise has a separate method that provides you with a Synerise JWT token based on the Facebook login.

To authenticate a Customer using Facebook, implement the following methods:

  • Client.authenticateByFacebookRegistered()
    This method provides you with an authentication option similar to Client.signIn(). It only logs in the Customer. If it’s the first authentication (the Customer is not registered), it responds with an error that should be passed to your application to inform it that the following method should be used:
  • Client.authenticateByFacebook()
    This method is more extensive. If it’s the first time a Customer authenticates, it creates a new Customer account in the system along with the details, optional agreements, and attributes that you can pass by using this method.

This is implemented in order to allow you to determine if the customer is logging in for the first time and gather Customer agreements, if they are required.
