Third Party authentication for Self Service

Can access to Web Self Service be managed by a third-party application? For example, a customer may already have some form of authentication implemented for an online shop or other web-based application.

Basically, the user should not have to log in again to use the Self Service application.

The answer to this is most definitely yes.




As we can see from the diagram above there are two modes of access to the Self Service API. The first is Authenticated and the second is Anonymous.

Authentication checks in Sage CRM use some form of passed token. Sage CRM itself uses the sessionid within the querystring. Self Service uses a cookie. The cookie is passed to the eWare object as it is initialised.

eWare = Server.CreateObject("eWare.eWareSelfService");
eWare.Init(
    Request.Querystring,
    Request.Form,
    Request.Cookies("eware"),
    true);

See the self service ewaress.js file.

If the contents of the cookie match the information held in the visitor table in the Self Service database, then the request is authenticated.

The check in the Self Service code looks like this:

//Logon Code
if (!eWare.Authenticated)
{
    //Self Service Visitor is not logged on
}
else
{
    //Self Service Visitor is logged on
}

A third-party system will have to take into account that Self Service allows you to control whether a contact can actually log on and become an authenticated user. This is the Self Service screen under the Person tab group.

It may be too much trouble to try and duplicate all the features of authenticated access.

The second method of Self Service access is anonymous access. The Self Service API allows the freedom to do just about any action the designer wants to allow but the rub is that the visitor is anonymous as far as CRM is concerned. There is no automatic link between the visitor and a contact stored in CRM. If the third party system wants to access the CRM system it can, but a mechanism would need to be established to link the data in the third party application with CRM. That mechanism could be as simple as an alternate key where the visitor is linked to the third party by a value that appears in a field in the person table and in the external system.
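
The alternate-key link only holds if the visitor cannot change the key on its way from the third-party system to the anonymous Self Service page. The following is an added example, not code from the original post or from Sage CRM: one way to carry the key in an HMAC-signed, short-lived token. The shared secret, the five-minute lifetime, the function names and the key format are assumptions, and the Node.js crypto module stands in for whatever HMAC facility the two systems actually have.

```javascript
// Added example (not Sage CRM code): signed hand-off of the alternate key.
const crypto = require("crypto");

// Constructed demo secret, known only to the third-party site and the Self Service pages.
const SHARED_SECRET = "constructed-demo-secret";
const MAX_AGE_SECONDS = 300; // assumed token lifetime

function sign(payload) {
  return crypto.createHmac("sha256", SHARED_SECRET).update(payload).digest("hex");
}

// Third-party side: called only after its own login has succeeded.
function issueHandoffToken(externalId, nowSeconds) {
  const json = JSON.stringify({ id: externalId, iat: nowSeconds });
  const payload = Buffer.from(json, "utf8").toString("hex"); // URL- and cookie-safe
  return payload + "." + sign(payload);
}

// Self Service side: returns the verified alternate key, or null if the token is rejected.
function verifyHandoffToken(token, nowSeconds) {
  if (typeof token !== "string") return null;
  const parts = token.split(".");
  if (parts.length !== 2) return null;
  const expected = Buffer.from(sign(parts[0]), "hex");
  const given = Buffer.from(parts[1], "hex");
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length) return null;
  if (!crypto.timingSafeEqual(given, expected)) return null;
  let claims;
  try {
    claims = JSON.parse(Buffer.from(parts[0], "hex").toString("utf8"));
  } catch (e) {
    return null;
  }
  if (typeof claims.id !== "string" || typeof claims.iat !== "number") return null;
  const age = nowSeconds - claims.iat;
  if (age < 0 || age > MAX_AGE_SECONDS) return null;
  // Accept only the expected key format before the value is used to look up
  // the matching row in the person table.
  if (!/^[A-Za-z0-9_-]{1,64}$/.test(claims.id)) return null;
  return claims.id;
}
```

Only the value returned by verifyHandoffToken should be used to find the matching person record; a raw key taken directly from the querystring or a form field can be changed by the visitor.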