When you properly initialize the SDK within your own Application, on first start a UUID is generated and a JWT token is retrieved for an “anonymous client”.
Such a token is required to sign all the events that are being passed to Synerise, but in itself has no special permissions to do anything more. The token is limited to the following:
- Tracking events
- User registration
- User sign-in
- User password reset
- Authentication by Facebook
- Authentication by OAuth
- Authentication by Sign in with Apple
This is just the minimum to use the basic features of SDK.
User in this scenario is fully anonymous within the system and does not contain any personal information.
You can operate on personal information without fully authenticating a customer. You may have already imported client data into Synerise, and you have personal information in the system. The data can be linked.
In such cases, you need to authenticate through your own backend systems. Before you can do that, you must merge the UUIDs from the SDK with a specific customer:
- Retrieve the Client UUID generated by Synerise SDK.
- Process the UUID in your own backend. If you use 3rd party authorization, you may need to pass this UUID into other systems.
- Authorize the Client and match their identifier (the loyalty card number, email address, or another type of identifier used in your system) with the client UUID from Synerise.
- Provide the Client UUID back to Synerise with all the additional information collected through the authorization process.
We recommend this user recognition process to advanced users. If you are a new Synerise user and would like to run this kind of integration, you can contact us at https://hgintelligence.atlassian.net/servicedesk/customer/portal/1.
Synerise offers a means to fully authenticate Users and create user sessions with JWT tokens that have access to all the features provided by Synerise.
Three authentication methods are supported:
Registration as a Service
Registration as a Service (RaaS) is a set of methods that enable you to implement full User Management in your application without any need for third party systems.
Register new Users
In case you want to use our RaaS (Registration as a Service) you can simply implement method Client.signUp() This method provides you option to pass all of User Information along with any agreements, attributes at once.
The primary unique identifier used by Synerise is the email address.
Depending on backend configuration at Synerise, the registration may or may not require email confirmations.
The following registration behaviors are supported:
- Automatic: the account is ready to use right after registration, no confirmations are required. User has the attribute
- Email Confirmation Required: the account is ready to use right after registration, but email confirmation is required. The confirmation sets
truein the User’s profile.
- Email Activation Required: an activation email is sent and the account cannot be used until the address is confirmed. Activation also means that
snrs_email_confirmedis set to
The default password policy is:
- Minimum 6 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one digit
- At least one non-alphanumeric character
Passwords are PBKDF2-encrypted.
User sign in
Once a User is registered, they can login. In order to provide such an option you must implement the Client.signIn() method.
On success, the Application receives a JWT token which is valid for 1 hour (default setting).
The SDK refreshes that token while a User is using the Application and events are being sent (autorefresh occurs only while the token is still valid).
User sign out
If you want to provide the User with a logout feature in your application use the following method: Client.registerAccount().
The method terminates the JWT token and kills the User session.
Get User account details
You can use the Client.getAccount() method to retrieve all information about a User from Synerise. You can then present that information in the app.
Update User account details
A User can update their own information. This is done by implementing Client.updateAccount().
The User can update most of the information, except for the email address, because it’s used as primary identifier for account.
Change Users password
Separately from User information updates, a User may want to change their password. This is done by implementing Client.changePassword().
The current password needs to be provided first.
For a full list of available methods, see the Methods Reference.
You can authenticate a User based on your existing solutions. The user is authenticated by your backend.
In this case, the authentication process works in the following way:
- A user sign-in to the application generates an Auth request to your backend.
- Your backend provides the application with an access token.
- The access token is passed to Synerise by using the client.authenticateByOAuth() method.
- Synerise passes that access token back to your System in order to check if it’s valid.
- In response:
- If authentication is successful, Synerise receives User information such as email, first name, last name, or other details (the data can be mapped to fields in our system)
- If the access token is not valid, the response type is different than HTTP 2xx.
- If the authentication was successful, Synerise provides the Application with our JWT access token for the User (if this the first time this user is authenticated, they are also registered with the provided information).
When the User is authenticated with a JWT token in your application, you can start using all methods and features provided by the SDK.
You can retrieve client details by using the Client.getAccount() method or update more of their personal information by Client.updateAccount() in the same way as available in Registration as a Service.
For those Applications that rely on Facebook Login as authentication Synerise has a separate method that provides you with a Synerise JWT token based on Facebook login.
To authenticate a User using Facebook, implement the following methods:
This method provides you with an authentication option similar to
Client.signIn(). It only logs in the User. If it’s the first authentication (User is not registered), the response is an error that should be passed to your application and inform it that the following method should be used:
This method is more extensive and in case it’s first time User authenticated it will create new User account in the system along with the details an optional agreements and attributes that you can pass via this method.
This is implemented in order to allow you to determine if the user is logging in for the first time and gather User agreements, if they are required.
Sign in with Apple
For integrating with the Apple platform, Synerise has a separate method that returns a Synerise JWT token based on Sign in with Apple credentials.
In this case, the authentication process works in the following way:
- A user authenticates by Sign in with Apple.
- Apple provides authentication credentials.
- Your app uses these credentials and creates
- The context is passed to Synerise by using the Client.authenticateByAppleSignIn() method.
- If the authentication was successful, Synerise provides the Application with our JWT access token for the User.
When the User is authenticated with a JWT token in your application, you can start using all the methods and features provided by the SDK.