1
Create a login session with your API Key
Your application backend should call
the
GET /v2/auth/session
endpoint to create a timed session with your API Key. This
will return a session ID token.Do not perform this step on the client-side, as it exposes your API Key. Always ensure that this step is performed securely on the server-side.
Forestreet reserves the right to revoke API Keys that are suspected to have leaked.
2
Embed the iFrame
Your application backend then
embeds an iFrame in your application frontend, with the Session ID appended to the URL
as a query parameter. The URL should look like this:
iframe-integration.html
3
Use the iFrame
The iFrame will load the Forestreet application, using the timed session
to authenticate the user. Authentications for any subsequent requests within the iFrame will be
handled automatically by Forestreet’s frontend.