Читать на русском языке

ISP Login Integration Guide

This documentation will help you integrate ISP Login into your project.


Open demo page, try it, then view source.

Find this line:

// TODO: evt.data contains ISP-Login profile in JSON-string format

At this line you can process user profile data returned by ISP. For example, send it with AJAX anywhere you need.

Modify demo

Download demo page as starting point.

Function isp_login_popup() responsible for popup and doesn't need to be modified.

The most interesting things happen in event listener below.

Result displayed in demo DIV with simple jQuery code line:


Comment it out and uncomment the line:

// console.log(unescape(evt.data));

Then reload your modified demo page. In Developer Tools panel switch to "Console" tab. Press "Login via InvestorsStartPage" button on your modified demo page. Result will appear in console.

Returned profile data is single string in JSON format. Use your favorite parsing method on your server side.

Server side

Sample server-side PHP fragment to receive ISP Profile, decode it and use:

$isp_profile = json_decode($_POST["isp_profile"]); // use parsed data by field name: echo $isp_profile->{'token'}; // or dump all profile fields var_dump($isp_profile);

Place this demo PHP code to file on your server (for example reg.php) and do link receivement on JS and ajax sending to your server.

As mentioned above, there is a comment in demo page:

// TODO: evt.data contains ISP-Login profile in JSON-string format

So let's send it with AJAX to the PHP script you placed on your server.

Replace TODO-comment with code:

$.post( "http://yourserver.com/reg.php", { isp_profile: unescape(evt.data) } );

Place modified demo page and PHP-file on same server to skip cross-domain AJAX request problem.

Load demo page from your server, press "Get demo Profile" button and watch for XHR request on "Network" panel of Developer Tools. Profile data must be dumped though PHP script. This means you ready to process it in PHP side, for exmaple, register user.

Encoding is utf8. Every value is a string limited to 256 characters.

UID (user id) is a string containing number like "12345". UID is a reliable profile identificator (can't be changed by user). Use it to recognize unique user.

If some field is not filled by user, it has empty string value in JSON.

Sample button:

Other button styles (HTML/CSS) see on this page.

Response verification

JSON-encoded ISP profile returned by JavaScript part can be verified with your-server to our-server request (without user interception). Use supplied "token" field.

Send "token" value in request. Sample request:

curl https://login.investorsstartpage.com/check.aspx?token=5c8d624e-73ba-4440-9165-75209f63c393

Response also encoded in JSON.

Response on success:

{ "status" : 1, "UID" : "12345", ... }

Key success response fields are: UID and status. All other fields are profile data.

Response on failure:

{ "status" : 0 }

If status is 0, no other fields exists.

Token life limited to 5 minutes.

Token can be verified only once. After successfull check token will be deleted immediately.

Popup dialog behavior

Dialog shows site which requests profile.

There are 3 states ISP user can be:

  1. Authorised in ISP with filled profile. He can login to your project now.
  2. Authorised in ISP without filled profile. He must fill his profile to continue. Filling profile done once.
  3. Unaithorised. He must login to ISP to continue.