search

Advanced Session Verification

hashtag
Overview

For server-side integration, where session verification is done on the backend before delivering content, you will need to have the 'Quickstart' completed before moving on to the steps below.

hashtag
Additional steps (optional)

The advanced session verification won't take long and is completely optional. We will show you how to:

1

hashtag
Retrieve the sessionId from the snippet

Retrieve current sessionID for validation

2

hashtag
Validate the sessionId from the back-end

Have your back-end call our back-end to validate the SessionID

circle-info

In case you have questions, feel free to reach out to [email protected]

hashtag
Let's get to work

1

hashtag
Retrieve the sessionId from the snippet

hashtag
Modify your event handler

To retrieve the current sessionId (for validation as detailed in the next section) you can modify your event handler like this:

window.addEventListener('message', (event) => {
  if (event.data?.type === 'TIUN_EVENT') {
    if (event.data?.content === 'TIUN_SNIPPET_INITIALIZED') {
      updateContentInfo();
    } else if (event.data?.content === 'TIUN_HIDE_PAYWALL') {

      // new sessionId is passed
      var currentSessionId = event.data.sessionId;

      // TODO: add your logic to hide the paywall

    } else if (event.data?.content === 'TIUN_SHOW_PAYWALL') {

      // sessionId=null is passed
      var currentSessionId = event.data.sessionId;

      // TODO: add your logic to show the paywall

    }
  }
});

// TODO: use the currentSessionId to load content from backend
2

hashtag
Validate the sessionId from the back-end

Have your back-end call our back-end to validate the SessionID

hashtag
Create new API Keys

Use the API key tab in your business dashboard to generate a new API key: my.tiun.business > API keysarrow-up-right

circle-info

Step 1: Click on 'APIs' in the side navigation of your tiun.business account.

circle-info

Step 2: Click on 'Create new key' with a unique API name

hashtag
Calling the status endpoint

With the API key (header: X-ACCESS-TOKEN) and the providerId from my.tiun.business > Payment Snippet > Configurationarrow-up-right set up your backend to call the PATCH status endpoint:

PATCH /v1/providers/{providerId}/sessions/{sessionId}/status

Base URL Live Environment: https://api.tiun.live/live_api

Base URL Sandbox Environment: https://api-sandbox.tiun.live/live_api

circle-info

hashtag
Endpoint specification

For detailed endpoint property documentation (incl. auth headers) refer to: ProviderSession

hashtag
Evaluating the response HTTP status code

Use the response code to determine if you should serve content to the customer:

200

The session is valid and the content should be served

404

The session is invalid and the content must not be served (either the session expired, was ended or the customer does not have funds anymore)

401

Your API key or providerId is invalid

hashtag
That's a wrap!

hashtag
Next up

There are two ways to embed the tiun payment snippet in your paywall. Visit the Integration Examples for more information.

PreviousQuickstartNextIntegration Examples

Last updated

Was this helpful?