The IMS web services are developed using Microsoft .NET technology and DotNetNuke framework 4.0. The IMS can be integrated to any website that has the ability to consume web services.
To implement the IMS on a vendor site:
1. Complete the SSO integration – Vendors must complete the SSO integration prior to the IMS integration. For information on this refer to Setting Up Single Sign-On in the Back Office.
2. Finalize the workflow and identity a validation approach – During configuration analysis, the required workflow should be outlined. Working with the association, finalize the workflow and identify the roles. Identify the web pages that require frequent lookups into the database for the role assignment of an authorized customer (for example, a role based upon the customer purchasing a product). Identify the web pages that may not need frequent lookup for the specific role assignment of a customer.
3. Note that Personify Back Office application also uses Identity Management to display the IMS Roles as icons for a customer. While setting up the IMS Roles, clients should use the WEB ONLY flag if their Roles apply only to their web site.
a. To get Roles enabled for a Vendor:
i. IMSVendorRolesGet - will get a list of all roles.
ii. IMSVendorWebRolesGet - will get a list of web-enabled roles.
b. To get Roles a Customer Qualifies for:
i. IMSCustomerRolesGet - will get a list of all roles.
ii. IMSCustomerWebRolesGet - will get a list of web enabled roles.
4. Find the list of assigned roles for a vendor – Consume the IMSVendorRolesGet or IMSVendorWebRolesGet web service and get the list of roles that are granted for a vendor. Using the Vendor ID and password provided, implement those role IDs.
5. Store the role IDs for customers – Consume the IMSCustomerRolesGet or IMSCustomerWebRolesGet web service to find the roles that are assigned to the authorized customer who is successfully logged in. The web service will return the roles. Store the roles in session variables so that the pages that do not require frequent lookup for updates can use it.
6. Identify frequent lookup for specific pages – For pages that require frequent lookup for the role assignment, consume the IMSCustomerRolesGet to refresh the list of role assignments for a customer. The page should have logic to search for the role ID that is required to manage access for a customer. Optionally, the updated list can be overwritten to the session variables for other pages to use.
7. Implement the role-specific rules to web pages – According to the workflow for the website, implement the criteria that will compare the required role ID for a page and the role ID assigned to the customer. Find out if the user should be granted access to view or interact with the web page. If the required role is not found for the customer, the appropriate action should be implemented for redirecting the user or displaying a message indicating why the customer cannot access the requested page.
8. Optional: Get the Personify Customer ID – Vendors can consume the IMSCustomerRoleGetByTIMSSCustomerID web service. This web service requires the valid Personify customer ID to get the role assignments. This approach is used when the vendor’s site has a way to find the Personify Customer ID and is being frequently used.