Identification: Interaction Token (JWT)

Gateway uses JWT tokens to identify unique LAMF and LAS journeys. They are called Interaction Tokens.

A JWT contains three components -

JWT Header
This contains the encoding algorithm of a JWT. Use HS256 for our integration
JWT Signature
Each partner is given a shared secret (aka JWT secret). Use the shared secret to sign the JWT.
JWT Payload
This is used to identify the kind of LAMF or LAS user journey to be triggered. A typical Interaction Token will have the following payload -

{
  "interactionId": "INT64ff11531abc58c28af23ffc",
  "iss": "<your-gateway-name>",
  "exp": 1696981514
}

...and the Interaction Token itself (signed with secret "have-a-good-day") will look something like this:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbnRlcmFjdGlvbklkIjoiSU5UNjRmZjExNTMxYWJjNThjMjhhZjIzZmZjIiwiaXNzIjoiPHNhbXBsZS1nYXRld2F5PiIsImV4cCI6MTY5Njk4MTUxNH0.RyxCHZmYb_SuScoP9FV0qPJo6UxrtgxDKb_8elkn28g

Interaction token expiration (JWT expiry)

An interaction token (JWT) MUST have an expiration set in exp. We recommend keeping a short expiration of few minutes.

Interaction ID in itself does not have expiration but can only be used once on SDK. The same Interaction ID cannot be used in twice to create interaction token JWT and initialize the Gateway SDK again.

Error handling

Error handling

Webhook

LAMF webhooks

Next steps

Next steps