FAST LOGIN SDK
About Fast Login SDK
Fast Login SDK is an application that provides login infrastructure to integrated services. In order for the services to be integrated to Fast Login SDK, they must first fill in the Service Provider Form under the Fast Login SDK tab. The information required for Web Integration is explained in detail below. More information about Application Integrations is provided under the IOS and Android pages of the Fast Login SDK.
- The integrated services should open a pop up window via the Fast Login button, which they put on their website when they integrate Fast Login SDK. This pop up window should also call a URL similar to the AuthorizeClient URL in the example below. Detailed information about the AuthorizeClient service is provided on the AuthorizeClient Endpoint page.
- When URL is opened in pop up, login process starts. The user completes the login process within the pages of the Fast Login SDK application.
- When the login process is completed, the serviceRedirectUrl sent in the AuthorizeClient URL is redirected (HTTP GET). Token is passed as a parameter to ServiceRedirectUrl. The sample URL is:
- If an error is received during login operations and the login operations cannot be completed, serviceRedirectUrl is called with the error parameters as in this example:
- The service redirectUrl contains the resultCode, resultName, and resultMessage parameters. These parameters include the reason why the login process could not be completed. Detailed information about error codes can be found on the Error Status page
- ServiceRedirectUrl must be called with HTTP GET and accept the token, resultCode, resultName, and resultMessage parameters. In case of successful login, token should be taken and in case of error the error should be logged and the user should be directed to home page.
- When the token is delivered to the service via ServiceRedirectUrl, the service should receive information such as Phone Number and E-mail of the logged-in user by calling https://fastlogin.com.tr/fastlogin_app/secure/validate.json web service with token.
- The validate.json web service can only be called once with the same token. After the first call, user information cannot be accessed again with the same token.
- There is IP restriction at validate.json web service. Therefore, the IPs of the servers to which the validate.json web service will be called should be entered in the IP information field on the service provider registration page. When validate.json is called before these IPs are defined, an IP prohibited error is received.
- Detailed information about validate.json web service is provided on the Validation Endpoint page. The serviceId and secretKey parameters to be sent during this web service call will be generated automatically after the service provider registration page is filled in. serviceId and secretKey parameters are constant. loginToken is the token sent to the serviceRedirectUrl. The validate.json web service should be called in a very short time with the received token. Otherwise, the token will expire and the user information can not be retrieved.