In this section, we explain what you should do to start deploying Spotware’s broker SSO (OAuth) solution.
At the initial stages of deployment, Spotware will provide you with a dedicated environment for user acceptance testing (UAT). To do so, Spotware will require you to provide two URLs.
The first URL should lead to your custom branded login/signup screen.
For first-time users or for users logging in with a password the new SSO (OAuth) flows display a custom fully branded login/signup screen as discussed in Section 5.2.
This screen is essentially the first thing that is shown to new users upon launching cTrader. As such, we require you to provide us with a URL to this screen to proceed with deploying our SSO (OAuth) flows.
Note that the
?firstLoginquery parameter discussed in Section 5.2 controls whether users are presented with a signup screen or a login screen. As such, both the login and the signup screen have to be hosted at the same URL. For an illustration, refer to the below examples.
https://ct.brokerName.com/Trader/Logon?firstLogin=trueshould lead users to the signup screen.
https://ct.brokerName.com/Trader/Logon?firstLogin=falseshould lead users to the login screen.
If your login/signup page allows users to login or signup using their Apple ID (using the ‘Sign in with Apple’ button or equivalent), note that the creation of user accounts using
@privaterelay.appleid.comaddresses is not supported. Any API requests containing such emails will return an error response. To this end, and in order to ensure a smooth user experience, we request that you either implement corresponding logic to prevent the use of such email addresses, or consider removing social authentication options from your login/signup screen.
The second URL should be for your client area.
As detailed in general provisions, the endpoints for all API calls made by the cTrader backend to the broker’s client area (covered in Section 4) are relative to a specific URL denoted as https://brokerCrmUrl.com/.
After you provide the necessary URLs, Spotware will proceed with creating and deploying a UAT environment.
Afterward, Spotware will supply you with a fully functional set of cTrader applications that will implement SSO (OAuth) flows according to your specifications. When using these applications, you will be able to test how your login/signup screens look like and whether InApp controls perform the designated actions.
After fully testing the deployment of the SSO (OAuth) flows, contact Spotware’s Service Assurance team to inquire about the next steps in the integration process.
After UAT is complete, you will need to provide new URLs to your login/signup screen and your client area, respectively. These URLs will be used to configure the broker SSO (OAuth) flows in your production environment.