Customer Identification

Anonymous Customers

– When you properly initialize the SDK within your own application, on first start a UUID is generated and a JWT token is retrieved for “anonymous customer”.

Such a token is required to sign all the events that are being passed to Synerise, but its permissions are limited to the following:

  • Tracking events
  • Customer registration
  • Customer sign-in
  • Customer password reset
  • Authentication by Facebook
  • Authentication by OAuth
  • Authentication by Sign in with Apple

This is the minimum required to use the basic features of the SDK.

The customer in this scenario is fully anonymous within the system and the profile does not contain any personal information.

Recognized Customers


In case you want to operate without full authentication but still have personal information you can do it without authentication as well. You may have already imported customer data into Synerise and you have personal information in the system, but just need to link mobile related events with those people.

In such cases you will have to do that through your own backend systems to merge UUID generated by our SDK that’s accessible to you and tell our backend that this UUID is specific Customer.

Note: You should under no circumstances try to do that directly from the Application as it would leave space for hackers to mess with your data through decompilation or ny other form off tempering (man-in-the-middle attacks).

Authenticated Customers


Synerise also offers a means to fully authenticate customers and open full Customer sessions with a JWT token that has access to all the features provided by Synerise.

Three authentication methods are supported:

Registration as a Service

Registration as a Service (RaaS) is a set of methods that enable you to implement full customer management in your application without any need for third party systems. So let’s take a look how to implement these in sections below:

New customer registration

If you want to use our RaaS (Registration as a Service) you can implement the Synerise.Client.registerAccount() method.

This method provides you an option to pass all of the customer information along with any agreements and attributes at once.

Please note that the email address is the primary unique identifier.

Depending on backend configuration at Synerise, registration may or may not require email confirmations.

Currently, we support the following registration behaviors:

  • Automatic: the account is ready to use right after registration, no confirmations are required. Customer has the snrs_email_confirmed attribute set to false.
  • Email Confirmation Required: account is ready to use right after registration, but email confirmation is required and changes the snrs_email_confirmed attribute to true in the customer profile.
  • Email Activation Required: an activation email is sent and the account can only be used after activation. Activation changes the snrs_email_confirmed attribute to true in the customer profile.

Password

The default password policy is:

  • Minimum 6 characters
  • At least one uppercase letter
  • At least one lowercase letter
  • At least one digit
  • At least one non-alphanumeric character

Passwords are PBKDF2-encrypted.

Customer sign in

Once your customer registers, they can log in. Logins are implemented using this method: Synerise.Client.signIn().

On success, the application receives a JWT token which is valid for 1 hour (depending on backend configuration).

The SDK refreshes that token while the customer is working in the application and events are being sent (auto-refresh occurs only while the token is still valid).

Note: Token longevity can be changed on request.

Customer sign out

Signing out uses the following method: Synerise.Client.signOut().

When called, this method terminates the JWT token and effectively kills the customer session.

Get Customer account details

After login, you may want to present the customer their profile details. This is done by using Synerise.Client.getAccount().

This method retrieves all customer information that’s available in Synerise.

Update Customer account details

You can also let customers update their profile information. The method for this is Synerise.Client.updateAccount().

With this method, a customer can update most of their information, with the exception of email, because it’s used as the primary identifier for an account.

Change Customers password

Separately from customer information updates, a customer may want to update their password. This is done with the Synerise.Client.changePassword() method.

Note that as a security measure, entering the current password is required.

For a full list of available methods, see our Methods Reference.

OAuth Login


You can authenticate a Customer based on your existing solutions. The customer is authenticated by your backend.

In this case, the authentication process works in the following way:

  1. A customer sign-in to the application generates an Auth request to your backend.
  2. Your backend provides the application with an access token.
  3. The access token is passed to Synerise by using the client.authenticateByOAuth() method.
  4. Synerise passes that access token back to your System in order to check if it’s valid.
  5. In response:
    • If authentication is successful, Synerise receives Customer information such as email, first name, last name, or other details (the data can be mapped to fields in our system)
    • If the access token is not valid, the response type is different than HTTP 2xx.
  6. If the authentication was successful, Synerise provides the Application with our JWT access token for the Customer (if this the first time this customer is authenticated, they are also registered with the provided information).
Image with Oauth scheme
Customer authentication scheme

When the Customer is authenticated with a JWT token in your application, you can start using all methods and features provided by the SDK.
You can retrieve customer details by using the Client.getAccount() method or update more of their personal information by Client.updateAccount() in the same way as available in Registration as a Service.

Facebook Login


For those Applications that rely on Facebook Login as authentication Synerise has a separate method that provides you with a Synerise JWT token based on Facebook login.

To authenticate a Customer using Facebook, implement the following methods:

  • Synerise.Client.authenticateByFacebookIfRegistered()
    This method provides you with an authentication option similar to Client.signIn(). It only logs in the Customer. If it’s the first authentication (Customer is not registered), the response is an error that should be passed to your application and inform it that the following method should be used:
  • Synerise.Client.authenticateByFacebook()
    This method is more extensive and in case it’s first time Customer authenticated it will create new Customer account in the system along with the details an optional agreements and attributes that you can pass via this method.

This is implemented in order to allow you to determine if the customer is logging in for the first time and gather Customer agreements, if they are required.

Sign in with Apple


For integrating with the Apple platform, Synerise has a separate method that returns a Synerise JWT token based on Sign in with Apple credentials.

In this case, the authentication process works in the following way:

  1. A customer authenticates by Sign in with Apple.
  2. Apple provides authentication credentials.
  3. Your app uses these credentials and creates ClientAppleSignInAuthenticationContext.
  4. The context is passed to Synerise by using the Synerise.Client.authenticateByAppleSignIn() method.
  5. If the authentication was successful, Synerise provides the Application with our JWT access token for the Customer.

When the Customer is authenticated with a JWT token in your application, you can start using all the methods and features provided by the SDK.

😕

We are sorry to hear that

Thank you for helping improve out documentation. If you need help or have any questions, please consider contacting support.

😉

Awesome!

Thank you for helping improve out documentation. If you need help or have any questions, please consider contacting support.