0.3 How to Read This Documentation
This documentation is structured in five main parts to guide you through understanding, implementing, and deploying the broker SSO (OAuth) solution.
Document Structure
Part 0: Introduction (Current Section)
- 0.1 Purpose & Scope: Understanding what this solution provides and its limitations
- 0.2 Brief Description: High-level overview of the SSO solution architecture
- 0.3 How to Read: Navigation guide and document structure (current section)
- 0.4 Glossary: Key terminology and concepts used throughout the documentation
Part A: Foundations
Prerequisites for any module deployment
- A.1 Infrastructure & Connectivity: Physical network requirements and data center connections
- A.2 Authentication of API Calls: Token exchange mechanisms for bidirectional communication
- A.3 Broker Identification: Standardized parameters for broker identification across all APIs
- A.4 Screen URL Conventions: Standard URL patterns and query parameters for embedded screens
- A.5 Error Codes Contract: Comprehensive error handling and troubleshooting reference
Part B: Identity Modules
Choose one identity approach per deployment
- B.1 SSO User Creation & Authorisation: Full OAuth implementation with broker-owned identity
- B.2 Light Identity Handoff: Minimal one-time token approach for simple integrations
Part C: Feature Modules
Independently deployable functionality
- C.1 Embedded cTrader Web: Full trading platform within broker client area
- C.2 InApp Deposit/Withdraw: Cashier functionality embedded in cTrader
- C.3 InApp KYC: Compliance workflows integrated into trading platform
- C.4 InApp Generic Action / Chat: Support and custom action integration
- C.5 InApp Controls / Ribbons: Targeted promotional and informational elements
- C.6 Partner / Invite / Trader Attribution: Multi-level referral and IB tracking
Part D: Module Composition
Strategic deployment guidance
- D.1 Compatibility & Business-Value Matrix: Feature comparison and decision matrix
- D.2 Multi-module Bundles: Recommended deployment packages for different business needs
Part E: Implementation Rules
Technical and operational requirements
- E.1 Firebase Analytics: Event tracking and analytics integration
- E.2 Screens & UX Guidelines: Design requirements and best practices
- E.3 Conformance Testing: Mandatory testing procedures and validation
- E.4 Rate Limits, Financial Fields, Terms of Service: API usage rules and legal requirements
Reading Guidelines
For Technical Implementers
Focus on Part A for foundational requirements, then proceed to your chosen Part B identity module, followed by relevant Part C feature modules. Use Part E for implementation standards and testing.
For Business Decision Makers
Review Part 0 for understanding the solution, then focus on Part D for strategic guidance on module selection and business value assessment.
For Compliance Teams
Pay special attention to A.5 Error Codes, E.3 Conformance Testing, and E.4 Rate Limits sections for regulatory and operational compliance requirements.
Navigation Tips
- Each section builds upon previous knowledge - read sequentially when implementing
- Cross-references are provided throughout for related content
- API specifications include complete request/response examples
- Flow diagrams illustrate complex processes visually
Implementation Path
- Assessment: Read Part 0 and Part D to determine required modules
- Foundation: Implement Part A requirements (mandatory for all deployments)
- Identity: Choose and implement either B.1 or B.2
- Features: Deploy relevant Part C modules based on business needs
- Validation: Complete Part E conformance testing and requirements
This modular structure allows you to focus on relevant sections while maintaining context for the overall solution.