Redirect Flow

Our platform provides URL redirection for both success and failure scenarios when sending the payload to our Apply endpoint. If the specific success and failure URLs are unknown at the time of payload creation, the customer_redirect_url can be used to dynamically apply a redirect URL.

To implement this, append the customer_redirect_url to the Bumper URL. This parameter must be encrypted for security, ensuring that only authorised parties can use it.

Generate Signature for Redirect URL:

Create a signature to verify the integrity and authenticity of the redirect_url.
Hashing Algorithm: Use SHA-256 to generate a hash of the redirect_url.
Example Query String:
```
REDIRECT_URL=https://www.bumper.co/&
```

Signature JSON Format:

{
    "signature": "<SHA256-hash>",
    "redirect_url": "https://www.bumper.co/"
}

Example Signature JSON:

{
    "signature": "f13edc50d2df8729d84d5acd97b12298157014efca10139e494c5dd9be460910",
    "redirect_url": "https://www.bumper.co/"
}

Encrypt JSON Using AES-256 ECB Mode:
- Encryption Method: Encrypt the JSON data using AES-256 in ECB (Electronic Codebook) mode.
- Private Key: The private key provided should be used as the AES encryption key.
- Encoding: After encryption, encode the encrypted result in Base64 to create a URL-safe string.
- Example Encrypted Payload:
  46/7doY5tAcsu1e4WD4sKDS9jimGATILIHaM0xFGnL3cREonrHuDqj4keuMCMVt7ApP2iz+3407nRoYF4jVJp3gSn9N+QcU/B7UBRmBVRzEwLOTEkRLn5Eq6LSARhVvd2L3rtL1SbnKXgXPdVeXmf6JuenZDFsQb3JZwlaSHOetfl95dZSOyhzjoU5jV1FcA

Construct Final Bumper Redirect URL:

Append the encrypted JSON payload to the customer_redirect_url parameter in the Bumper redirect URL.

Example Bumper Redirect URL:

https://www.bumper.co/integration/01jc0nhp66yg85qphv371g5e30?customer_redirect_url=46/7doY5tAcsu1e4WD4sKDS9jimGATILIHaM0xFGnL3cREonrHuDqj4keuMCMVt7ApP2iz+3407nRoYF4jVJp3gSn9N+QcU/B7UBRmBVRzEwLOTEkRLn5Eq6LSARhVvd2L3rtL1SbnKXgXPdVeXmf6JuenZDFsQb3JZwlaSHOetfl95dZSOyhzjoU5jV1FcA

PreviousAuthentication NextRedirection

Last updated 1 year ago