Advanced Session Verification

Overview

For server-side integration, where session verification is done on the backend before delivering content, you will need to have the 'Quickstart' completed before moving on to the steps below.

Additional steps (optional)

The advanced session verification won't take long and is completely optional. We will show you how to:

1

Retrieve the sessionId from the snippet

Retrieve current sessionID for validation

2

Validate the sessionId from the back-end

Have your back-end call our back-end to validate the SessionID

In case you have questions, feel free to reach out to [email protected]

Let's get to work

1

Retrieve the sessionId from the snippet

Modify your event handler

To retrieve the current sessionId (for validation as detailed in the next section) you can modify your event handler like this:

window.addEventListener('message', (event) => {
  if (event.data?.type === 'TIUN_EVENT') {
    if (event.data?.content === 'TIUN_SNIPPET_INITIALIZED') {
      updateContentInfo();
    } else if (event.data?.content === 'TIUN_HIDE_PAYWALL') {

      // new sessionId is passed
      var currentSessionId = event.data.sessionId;

      // TODO: add your logic to hide the paywall

    } else if (event.data?.content === 'TIUN_SHOW_PAYWALL') {

      // sessionId=null is passed
      var currentSessionId = event.data.sessionId;

      // TODO: add your logic to show the paywall

    }
  }
});

// TODO: use the currentSessionId to load content from backend
2

Validate the sessionId from the back-end

Have your back-end call our back-end to validate the SessionID

Create new API Keys

Use the API key tab in your business dashboard to generate a new API key: my.tiun.business > API keys

Step 1: Click on 'APIs' in the side navigation of your tiun.business account.

Step 2: Click on 'Create new key' with a unique API name

Calling the status endpoint

Check status endpoint of 'Provider Session'

To check the status of each session please refer to this sheet ProviderSession

Together with the API key and the resources provided at my.tiun.business > tiun.snippets > Developer > API set up your backend to call the PATCH status endpoint:

PATCH /v1/providers/{providerId}/sessions/{sessionId}/status

Base URL Live Environment: https://api.tiun.live/live_api

Base URL Sandbox Environment: https://api-sandbox.tiun.live/live_api

Detailed endpoint property documentation can be found in the Swagger Docs.

Evaluating the response HTTP status code

Use the response code to determine if you should serve content to the customer:

200

The session is valid and the content can be served

404

The session is invalid and the content should not be served (either the session expired, was ended or the customer does not have funds anymore)

401

Your API key or providerId is invalid

That's a wrap!

Next up

There are two ways to embed the tiun payment snippet in your paywall. Visit the Integration Examples for more information.

PreviousQuickstartNextIntegration Examples

Last updated

Was this helpful?