A 2Performant Application is like a regular web app called in iframes inside a network. For Authentication and Authorization it uses OAuth.
Before walking through this you should download the Skeleton App (php, ruby) and use it as an example.
Integration URLs
There are 3 main components that any 2Performant app needs to have:
- Init URL - this URL is called when a user decides to add your application to a network
- Support URL - this URL is called when a user opens your application on this network - call it the front page
- Embed URL - this URL is called when the user embeds your tool in his website/service
And a couple of optional ones:
- Callback URL - after the user authorizes access to his account for your app, we redirect to this URL
- Settings URL - if you have a dedicated page for app settings
Authentication & Authorization
Below is a step-by-step process of how an app works. It's OK if you don't understand everything completely. We provide a PHP/Ruby app skeleton where you can just write some settings and are ready to go.
Step 1: X wants to use your application
On apps.2performant.com affiliates and merchants browse through apps. At some point X finds your application and decides this is the one he's been looking for so long. He clicks on Use this App, chooses the network he is on, and then Add Application.
X is redirected to your app's Init URL. At this stage you have to go through the OAuth first stage:
- a network parameter is passed that contains the API URL for his own network (e.g. init.php&network=api.internal.2performant.com)
- your app has to get a request token, and then redirect to the network's OAuth Authorize URL (e.g. http://api.internal.2performant.com/oauth/authorize)
At this point X must approve your app to have access to his data.
Step 2: You are Approved

Once the user has approved your app we redirect back to your application with a pair of Token, Token Secret. This is the OAuth Second Stage:
- use the token and token secret to receive your permanent Access Token (e.g. http://api.internal.2performant.com/oauth/access_token)
- Save this data: Access Token, Access Token Secret, Public Token, Network URL
- Public Token is md5(Application_Secret-AccessToken_Secret)
- Never show the AccessToken in public environments like Embed Code or Hooks.
At this point you are authorized and ready to go. The last step is to redirect back to the network (e.g. http://api.internal.2performant.com/oauth_clients/show?token=Access Token). Always keep the Access Token Secret, well, secret.
Step 3: X is now using your App

Now X has an icon with your app in his Dashboard. Once he clicks on it he is taken inside the network to its page.
The network calls http://your-app/support&token=AccessToken in an iframe; the token tells you who this is.
If your app is a module or a widget, X has an option to embed it on his website. He gets a JavaScript snippet that creates an iframe to your embed URL http://your-app/embed&public_token=PublicToken. PublicToken is md5("APP_SECRET-TOKEN_SECRET"). You will have to match the PublicToken with the AccessToken given to you during installation.
Please note that you cannot pass additional URL parameters to the embed script. However, a given user can install multiple instances of a single application to his account, therefore allowing for multiple embed scripts based on multiple access tokens.
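The PublicToken matching described above, as an added Ruby example that is not part of the Skeleton App: it derives the Public Token when an installation is saved and resolves the embed request back to that installation without exposing the Access Token. `InstallationStore`, `embed_context`, the in-memory hash and all sample values are assumptions made for illustration.

```ruby
require 'digest'

# Assumption: the Application Secret comes from the app's own settings.
APP_SECRET = 'constructed-app-secret' # constructed placeholder

# The four values the page says to save after the OAuth second stage.
Installation = Struct.new(:network_url, :access_token, :access_token_secret, :public_token)

# Public Token as the page defines it: md5("APP_SECRET-TOKEN_SECRET").
def public_token_for(app_secret, access_token_secret)
  Digest::MD5.hexdigest("#{app_secret}-#{access_token_secret}")
end

# Hypothetical in-memory store; a real app would use its database.
class InstallationStore
  def initialize(app_secret)
    @app_secret = app_secret
    @by_public = {}
  end

  def save(network_url:, access_token:, access_token_secret:)
    pub = public_token_for(@app_secret, access_token_secret)
    @by_public[pub] = Installation.new(network_url, access_token, access_token_secret, pub)
  end

  # The public_token parameter is untrusted input: accept only the
  # 32 lowercase hex characters an MD5 hexdigest can produce.
  def find_by_public_token(param)
    token = param.to_s
    return nil unless token.match?(/\A[0-9a-f]{32}\z/)
    @by_public[token]
  end
end

# Embed URL handler: returns only values that are safe to render into the
# embedded page. The Access Token and its secret never leave the server.
def embed_context(store, params)
  inst = store.find_by_public_token(params['public_token'])
  return nil if inst.nil?
  { network_url: inst.network_url, public_token: inst.public_token }
end

# Constructed sample: one user with two installations of the same app.
STORE = InstallationStore.new(APP_SECRET)
FIRST  = STORE.save(network_url: 'api.internal.2performant.com',
                    access_token: 'at-1', access_token_secret: 'ats-1')
SECOND = STORE.save(network_url: 'api.internal.2performant.com',
                    access_token: 'at-2', access_token_secret: 'ats-2')
```

Because each installation has its own Access Token Secret, the two installations yield two distinct Public Tokens, which is what makes multiple embed scripts per user possible.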