Member Interlink (POST Method)
What is a member interlink?
This feature applies your service’s member authentication to the Contiple Help Center, allowing users to submit member-only inquiries and view their submitted inquiry history.
➊ Member Interlink
1-1. Overview
Member integration supports two types of API methods: GET and POST.
POST Method
This method is suitable for services provided on web-based platforms (PC or Mobile).
The service must provide a web-based login page (URL).
Two implementation types are supported, as defined in the development specifications: Client-side, Server-side
GET Method
This method is suitable for services that do not provide a web-based login page.
Recommended for native application–based services (non-web).
To enable integration, please implement the API according to the specifications provided by Contiple and register it in the Member Integration settings.
1-2. Process (POST Method)
The user accesses the 1:1 Inquiry or Inquiry History page in the Help Center.
If SSO member integration is enabled, the system calls the Login Status URL.
The Login Status URL must be implemented according to the provided development guide and must return the user’s login status to Contiple.
If the user is not logged in, the API should return status = false.
In this case, the user is redirected to the login page URL.
During redirection, a
returnUrlparameter is automatically appended. This URL is used to redirect the user back to the original page after successful login.
The user enters their ID and password to log in.
Upon successful login, the user is redirected to the returnUrl provided in step 4.
The system then returns to step 2 and calls the Login Status URL again.
If the user is authenticated, the API returns status = true, and the client server calls the Remote Login API to send customer information (such as name, email, phone number) to Contiple.
The transmitted customer information is automatically populated in the inquiry form fields.
Contiple issues an Access Token based on the received customer information.
The client system redirects the user to the 1:1 Inquiry / Inquiry History page, passing the issued Access Token as a parameter.
After validating the Access Token, the page is rendered for the user.
1-3. Member Integration Setup
Customer Information Encryption
Enable this option if you want to encrypt customer data (such as name, email, or phone number) before sending it to Contiple via the Remote Login API.
When enabled, an API Key is generated.
The customer data must be encrypted using this key according to the guide before transmission.
Contiple decrypts the data using the same key to process the information securely.
➋ Development Specification
2-1. Token Generation
Contiple Organization Key
You can find the organization key under: [Global Management] → [Contract Services Status] → [Organization Information]
Token Generation Rule
Generate the token according to the sample below.
The parameter order must strictly follow the sequence defined below.
In the example, the organization key is stored in
>Sample project > application.properties > oc.apikey=.
2-2. POST Remote Login API (From Client Side)
(1) Interface Description
URL: https://{domain}.oc.nhncloud.com/v2/enduser/remote.json
URL(Development): https://{domain}.oc.alpha-nhncloud.com/v2/enduser/remote.json
POST Remote Login API(From client side)
HTTPS
POST
UTF-8
Redirect
The client system dynamically generates a form and returns it to the browser. The form automatically submits the data to the API endpoint.
After receiving the form data, the API performs authentication and, upon success, sets a login cookie.
Refer to the example class provided in the Sample Project for the implementation on the client side.
FormLoginController.java
Method: submitLogin
(2) Request Parameter
Service ID
service
Varchar(50)
O
Service ID
User ID
usercode
Varchar(50)
O
User ID (A unique identifier representing the user.)
User Name
username
Varchar(50)
X
User Name
User Email Address
Varchar(100)
X
User Email Address
User Phone Number
phone
Varchar(20)
X
User Phone Number
Member No.
memberno
Varchar(50)
X
Member Number
Timestamp (The timestamp represents the current time.)
time
Long
O
If the request time exceeds 3 minutes, a timeout error is returned.
Authentication Token
token
Varchar
O
Generate the SHA256 value using the following parameters and the organization key. (If an optional parameter is null or empty, it must not be included in the encryption string. Important: The order of the values in the string must exactly match the order specified in the example below.) SHA256Digest(service & usercode & username & email & phone & memberno & returnUrl & time)
Return URL
returnUrl
Varchar
X
Upon successful authentication, the user is redirected to the specified URL.
(3) Response Data
If a
returnUrlparameter is provided, the user is redirected to that URL.If no
returnUrlis provided, the stringSUCCESSis returned.
2-3. POST Remote Login API (From Server Side)
(1) Interface Description
URL: https://{domain}.oc.nhncloud.com/api/v2/enduser/remote.json
URL(Development): https://{domain}.oc.alpha-nhncloud.com/api/v2/enduser/remote.json
POST Remote Login API(From server side)
HTTPS
POST
UTF-8
String
The client directly calls the API from the server. After successful authentication, a login cookie is issued.
Refer to the example class provided in the Sample Project for the implementation on the client side.
ApiLoginController.java
Method: submitLogin
(2) Request Parameter
Service ID
service
Varchar(50)
O
Service ID
User ID
usercode
Varchar(50)
O
User ID (A unique identifier representing the user.)
User Name
username
Varchar(50)
X
User Name
User Email Address
Varchar(100)
X
User Email Address
User Phone Number
phone
Varchar(20)
X
User Phone Number
Member No.
memberno
Varchar(50)
X
Member Number
Timestamp
time
Long
O
If the request time exceeds 3 minutes, a timeout error is returned.
Authentication Token
token
Varchar
O
Generate the SHA256 value using the following parameters and the organization key. (If an optional parameter is null or empty, it must not be included in the encryption string. Important: The order of the values in the string must exactly match the order specified in the example below.) SHA256Digest(service & usercode & username & email & phone & memberno & returnUrl & time)
(3) Response Data
When accessing the Help Center, pass the returned content value as the accessToken parameter in the Help Center URL.
Example: https://nhn-cs.oc.alpha-nhncloud.com/hangame/hc/?accessToken=xxxxxxaccessTokenxxxxxxx
2-4. POST Login URL (User)
(1) Interface Description
URL: User-Provided
URL(Development): User-Provided
POST Login URL(User)
HTTPS
GET
UTF-8
Redirect
The service’s login system must support the following behavior:
User Login Status
User Logged Out
Display the login page.
Allow the user to log in with ID and password.
After successful login:
Create a login session or cookie.
Store login status for future validation.
Send customer information to Contiple via the Remote Login API (see POST Remote Login API – Client-side / Server-side).
User Logged In
After successful login, send customer information to Contiple(Online Contact) using the Remote Login API (Client-side or Server-side).
SSO Login Feature
When the user is logged out
Redirect the user to the login page.
The user logs in.
Your service processes the login on the server and creates login-related cookies for the authenticated user.
Call the POST Remote Login API (see POST Remote Login API (From client side) / POST Remote Login API (From server side)).
When the user is already logged in
Call the POST Remote Login API (see POST Remote Login API (From client side) / POST Remote Login API (From server side)).
POST Remote Login API Usage
POST Remote Login (Client-side)
Generate a login token using user information and the API Key.
Redirect the browser with the generated token.
Render a form on the page and submit it.
The form submits the user data to the Remote Login API.
Upon success, redirect to the specified
{returnUrl}.
POST Remote Login (From server side)
Generate a login token using user information and the API Key.
Call the Remote Login API directly from the server.
Append required parameters (e.g.,
usercode,time) to thereturnUrl.Redirect the user to the
returnUrl.
2-5. POST Login Status URL (User)
(1) Interface Description
URL: User-Provided
URL(Development): User-Provided
How to configure cross-domain access
POST Login Status URL(User)
HTTPS
GET
UTF-8
JSON
The service checks the user’s login status based on cookie information and returns the result in JSON format. Your service server must allow cross-domain access in the response (CORS configuration is required).
Refer to the example class provided in the Sample Project for the implementation on the client side.
FormLoginController.java
Method: loginStatus
(2) Request Parameter
없음
(3) Response Data
javascript function
login
Boolean
O
Login Status.
Login: true, Logout: false
User ID
usercode
Varchar(50)
X
User ID (unique value). Required when login status is true.
(4) Response Body
➌ Example Usage
3-1. Sample Code
Sample Code Download
3-2. iframe Usage
(1) Embed the Contiple Help Center in your page using an iframe
Refer to
oc_sso_sample/src/main/resources/templates/help_frame.ftlin the Sample Code files.The iframe must have
id="ocPage".
If you configure the page viewport, the Help Center can be used on both mobile and web browsers.
(2) Adjust the iframe height by reading the Contiple Help Center height from the parent page
Refer to the JavaScript code in
help_frame.ftl.
(3) Retrieve cookies from the user page after login (cookies required by your system)
Refer to the JavaScript code in
help_frame.ftl.
Last updated