Skip to main content

Hosted Offer Redemption

Overview

Hosted Offer Redemption is a single managed offer redemption experience, hosted on the GetintheLoop Platform. It allows a fast and easy way to integration offer usage into a product via a single-page "check out" experience for your users. Hosted Offer Redemption is a configurable option for each Property.

The Hosted Offer Redemption page includes:

  • Your branding
  • Details of the offer
  • The ability to use the offer directly from the page
  • The ability to return to your website or app

Getting Started

1. Enable Hosted Offer Redemption

Enable Hosted Offer Redemption for your property in the Customer Portal.

2. Direct Users to the Hosted Offer Redemption Page

When a user taps on an offer to get more details from your website or app, you can now direct them to the Hosted Offer Redemption page.

The offer.redeemUrl property on the GetintheLoop offer model is the root Hosted Offer Redemption URL for that offer.

Implementations must add the correct parameters to this URL to ensure the

Implementation Details

Allowed redeemURL Parameters

The following parameters control the behaviour of the Hosted Offer Redemption page.

ParameterRequiredDetails
uNoUser Identification Token. See Authentication below.
aNoAuthentication URL. See Authentication below.
lNobusiness.location.id. If set, the offer will be displayed with this particular location set. If not set, the closest location to the user will be used.
bNoURL of page to allow user to return to on completion (ie. the “back” action). Useful if the page is going to open in a new tab and normal browser “back” history is going to be broken.

Example

<offer.redeemUrl>?u=<USER_IDENTIFICATION_TOKEN>&l=<BUSINESS_LOCATION_UUID>

Authentication

Hosted Offer Redemption requires users to be authenticated in order to redeem offers. This is done by adding a User Identification Token via the u parameter.

If no u parameter is passed, the user will be treated as anonymous users. Anonymous users can see the offer details, but will not have controls to redeem the offer.

Integrations may pass an Authentication URL via the a parameter. If this is present, there will be a "Login To Use" button.

User Identification Token

The User Identification Token is a signed, time-limited, per-user token, that passes authorization information about the current user to the Hosted Offer Redemption page. It must be securely generated and then added to the Hosted Redemption URL.

This token is used to:

  • Verify the user comes from you and prevent 3rd party abuse.
  • Identify the current user to ensure that features like Limited Offers and Punch Card rewards work correctly.

The User Identification Token is a signed authentication token, plus a user ID, encoded as a Base64 string. It is valid for 15 minutes from time of generation.

Generating User Identification Tokens
  1. Generate a User Verification Token for the current user
  2. Concatenate the unique userId and User Verification Token together, separated by a :
  3. Base64 encode the concatenated string. This is the User Identification Token for the current user.
Example
const userId = 'USER_ID';
const verificationToken = 'VERIFICATION_TOKEN';

const identificationToken = Buffer.from(`${userId}:${verificationToken}`).toString('base64');

Authentication URL

If the User Identification Token is not provided, Hosted Redemption can still be used to display Offer details. An optional Authentication URL can be provided to connect the user with your current login mechanism.

This works as follows:

  1. User navigates to example.lmg-offers.com/offer/example?a=example.com%2Fsignin
  2. User sees offer details and clicks "Login To Use"
  3. The Hosted Offer Redemption page redirects them to example.com/signin?ref=example.lmg-offers.com/offer/example
  4. At example.com, the user logs in and is redirected to example.lmg-offers.com/offer/example?u=<USER_IDENTIFICATION_TOKEN>

The current Hosted Redemption URL is appended as a ref query string parameter when redirecting to the Authentication URL. All query string parameters are preserved in the ref parameter except for the Authentication URL itself.