URL redirects allow you to customize the iframe integration of the Customer Portal and subscription workflow by redirecting the customer to pages in your online service.
This is a simple HTTP 302 redirection (in GET), in which certain parameters are added to allow you to identify the customer, the offer or the subscription concerned.
- idc (for idCustomer) is the customer’s internal identifier. For security reasons, the shared identifier (ReferenceCustomer) is not used.
- refo (for ReferenceOffer) is the reference of the offer concerned.
- idsu (for idSubscription) is the internal identifier of the subscription concerned.
How to use these parameters ?
The redirection is made on a public page of your site. Any user can “forge” the URL to try to access your site without going through the payment/subscription workflow. When accessing these pages, you should never assume that the customer has actually activated their subscription or made a payment. You must imperatively make a request to the ProAbono API (server side) in order to verify that everything is compliant.
We strongly recommend recovering the Usages of the customer concerned, using the parameters idCustomer and possibly idSubscription.
An alternative is to retrieve the details of the subscription concerned. It is up to you to check that the associated idCustomer is correct: a malicious user could perfectly put a random subscription ID to access a third party’s subscription.
Finally, note that the idc parameter (for idCustomer) is present for all redirections, however the other parameters depend on the type of redirection.