Compatibility and scenarios
Module compatibility
The table below shows how each feature module behaves under each identity option.
| Feature module | SSO User creation and authorisation | One-time token handoff |
|---|---|---|
| Embedded cTrader Web | Compatible. Full trading platform with persistent SSO session; maximum brand integration. | Not compatible. Embedded cTrader Web requires cTrader to maintain a persistent authenticated session. One-time token handoff passes a one-time token from cTrader to broker pages — the opposite direction. Use SSO User creation and authorisation. |
| In-app deposit/withdrawal | Compatible. Vertical integration of cashier and identity; full brand control over the deposit flow. | Compatible. Point solution for deposit optimisation; minimal integration, fast time-to-market. |
| In-app KYC | Compatible. Unified compliance framework; complete audit trail and simplified re-KYC. | Compatible. Event-driven KYC; compliance gates without a full identity overhaul. |
| In-App Generic Action / Chat | Compatible. Embedded broker screens with full identity context; enables personalised support flows. | Compatible. Lightweight broker screen embedding; no persistent identity context, limited personalisation. |
| In-app ribbons | Compatible. Targeted ribbons with full user identity; maximum personalisation capability. | Compatible. Session-scoped targeting; narrower personalisation compared to SSO User creation and authorisation. |
| cTrader Invite | Compatible. Complete partner programme with persistent identity; full attribution and compliance tracking. | Compatible. Partner attribution with light identity; valid but with limited long-term tracking capability. |
| Identity only (no feature module) | Compatible. Identity infrastructure in place; valid prerequisite stage before deploying any feature module. | Compatible with limitations. No end-user-facing value in isolation; valid as a staged rollout entry point before adding feature modules. |
Use cases
Minimal deployment
Add a cashier or KYC flow to cTrader with the smallest possible integration footprint.
- Identity: One-time token handoff
- Modules: In-app deposit/withdrawal and/or In-app KYC
- Constraint: Spotware remains the identity provider. The broker does not control the login experience.
Broker-owned identity
The broker controls user creation, login, and session management. cTrader Web runs inside the broker client area.
- Identity: SSO User creation and authorisation
- Modules: Embedded cTrader Web, any compatible feature module
- Constraint: Requires OAuth implementation in the broker CRM.
Full deployment
All compatible feature modules run under a single broker-owned identity layer.
- Identity: SSO User creation and authorisation
- Modules: All compatible feature modules
- Constraint: Highest implementation complexity. Requires a mature CRM with OAuth support.
Regulated compliance setup
The broker owns KYC data and maintains a complete compliance audit trail.
- Identity: SSO User creation and authorisation
- Modules: In-app KYC, optionally In-app deposit/withdrawal
- Constraint: The broker is responsible for KYC data storage and re-verification workflows.
Migration path
One-time token handoff can serve as a starting point before migrating to SSO. Feature modules deployed under One-time token handoff remain compatible after migration — no redeployment is required for them.
- Deploy One-time token handoff with the required feature modules.
- Build OAuth support in the broker CRM.
- Migrate to SSO User creation and authorisation.
- Add Embedded cTrader Web, which requires SSO User creation and authorisation. Previously deployed In-app ribbons and cTrader Invite continue to work and gain full personalisation capability under SSO.