Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Enhanced edition tutorials

Collect signals from a web application

search

Please Note:

Collect signals from a web application

This page describes how to embed the Risk Management signal collection scripts into your web application. It focuses on the exchanges shown as (1) and (2) in the signal collection use case diagram:

Signal collection use case diagram

Risk Management, and the partners involved, have been tested on the last two major versions of Internet Explorer, Chrome, and Firefox.

Add the signal collector to your website

In Risk Management, the risk assessment is based on the analysis of signals provided by the end user’s devices (browsers, handsets). The first integration step is to provide these signals to the Risk Management signal collector for each page including a risk assessment.

In your HTML page, include the following line:

<script src="<%= signalCollectorUrl %>/api/v2/tenants/<%= tenantId %>/scripts"></script>

When the web page is loaded, the browser requests the signal collection scripts from the Risk Management signal collector.

The downloaded script includes the definition of a property called visitId, which the Risk Management back end assigns for this connection. The visitId is unique and identifies the signals collected during this visit to the page. The visitId is used later, to make calls to the Risk Management back end.

Caution

The collected signals request takes a few milliseconds to reach the Risk Management back end and to be processed. As a result, a minimal delay of a few milliseconds should be respected before calling the Risk Management back end for a policy evaluation.

For details, see the script integration method.

First view of a use case

The second integration step is to configure the use case and the view.

In your HTML page, include the following line:

...
ifp_initUseCaseAndView(partnersConfigurations, callback);
...

For details, see the ifp_initUseCaseAndView method.

Visit identifier

To communicate with the Risk Management back end, you need to obtain a visitId value before using it in your code. This value is embedded in the signal collection scripts that Risk Management returns. It is stored in a property called revisitid (risk engine visit ID).

  • If you use an HTML form to submit your data, simply include a hidden field with id="revisitid" in your form:

    <input style=”display:none;” type="text" id="revisitid" name="revisitid"/>

    The visitId is automatically populated in this field, and it comes with the other parameters in the form in your back end.

  • If you use an Ajax call to authenticate, you can just use revisitid as a global variable in the page, and add it in your Ajax call as a new parameter.

Finalize the view

Just before the user leaves a view or a page, you must call the if_finalizeView method. This method sends the latest information about this page to the signal collector.

In your HTML page, include the following line:

...
ifp_finalizeView(visitId, callback);
...

For details, see the ifp_finalizeView method.

Send a request to the back end

At this point, a request is sent to the Risk Management back end. Thales suggests handling this by clicking the login button.

Cross-origin scripting

Read about how to enable cross-origin scripting in the preparing for cross-origin scripting section.

Integration examples

See integration examples for a single-page application website and a multi-page website.

Next step

Evaluate risk

On this page