Exchange by messages
Note
When implementing this kind of SSO integration, messages are exchanged between the Qualifio iframe & the parent page directly in the front-end (i.e. in the participant browser), not via secure server-to-server calls in the back-end as for the Oauth/openID and Secure token techniques.
- Works for all connection scenarios (participant logged in or not when the SSO flow starts) - depending on the moment of the exchange chosen
- Lower level of security as messages are exchanged between the Qualifio iframe & the parent page directly in the front-end (i.e. in the participant browser)
- Messages could be exchanged at the campaign load or via bilateral messages between the parent page & the campaign iframe
- Specific functions must be added in pages hosting Qualifio iframes
- Specific CNAME to have campaigns & host pages running on the same subdomain
- Use of JS tag to integrate campaigns with host pages
- Possibility to send JWT’s to Qualifio
| Type of campaign embed | Share information at the campaign load | Bilateral messages |
|---|---|---|
| Tag JS(qualp_) | OK | OK |
| Mini-site | NOK | NOK |
| Webview | NOK | NOK |
| NOK | NOK | |
| Iframe HTML | NOK | NOK |
| Preview mode | NOK | NOK |
Bilateral messages between parent page & campaign iframe
For this approach, the parent page and the Qualifio campaign will interact to offer a custom participant journey. You will be able to develop your expected user journey for the login flow (popin, redirection, ...)