Back to Access Tokens Main Page
Table of Contents
What are Access Tokens?
Access Tokens are used to identify and authenticate customers, users or applications with access to CRM.COM. Access Tokens can be created automatically by the System or manually through the UI or the Web API. They are primarily used when access is required to CRM.COM data from a 3rd party System, such as a mobile application or a portal. For example, an organisation may allow its customers to register through its portal and access their personal information from CRM.COM, by identifying and authenticating themselves through the use of an Access Token.
Access Tokens Glossary
| Terms | Descriptions |
|---|---|
| Rewards Participants | Customers who have signed up to participate in Rewards campaigns. |
| Accounts Receivable | The financial account which can be used to uniquely identify a customer in the System. |
| Authentication Code | The code which uniquely identifies and authenticates a user/System (usually used by apps and 3rd party Systems) accessing CRM.COM. If an Authentication Code is used, then an Identifier and Pass Code are not mandatory. |
| Identifier | A sequence of characters used to identify a user in CRM.COM, such as their username. If an Identifier is used then the Pass Code is mandatory. An Identifier and Pass Code are usually used by single users. |
| Pass Code | The code used to authenticate a user that is trying to access CRM.COM. If an Identifier is used then the Pass Code is mandatory. An Identifier and a Pass Code are usually used by single users. |
| Verification Code | A code that can be automatically generated together with each new Access Token and used for its verification and activation. The generation process of the Verification Code is configurable. |
Access Tokens Key Processes and Concepts
| Processes / Concept | Description |
|---|---|
Creating & Assigning Access Tokens Through other Modules | The System provides the ability to create or assign Access Tokens through the following modules, other than from the Access Token Data Entry page.
Users have the ability to select or create the Access Token which is used to identify and access the participant or the account. When you create a new Access Token via the Access Token Data Entry page, you can use the tool-tips to see the rules governing the formatting and generation of attributes according to the Active Access Token Definition or Access Token Classifications View Managing Access Tokens and Applying Access Token Definition Settings on Access Tokens for more information.
As from CRM.COM R10 the Access Token attributes can be dependent on the Access Token Classifications instead of the Access Token Definition. |
| Updating the Life Cycle State of Access Tokens | The Life Cycle State of an Access Token defines whether the token will be 'Effective', 'Not Effective' or 'Pending Verification'. Only 'Effective' Access Tokens will allow customers to be logged-in and authenticated in CRM.COM. If there is no longer any entity related to it, then the Life Cycle State can be automatically set to 'Not Effective' View Managing Access Tokens for more information. |
| Verifying & Using Access Tokens Pending Verification | The Life Cycle of an Access Token will dictate whether the token can be used to connect to CRM.COM. Only a token with an 'Effective' Life Cycle State is considered valid for connection. Access Token with 'Pending Verification' Life Cycle State, require verification from the customer before they can be set to 'Effective' and used to access CRM.COM. The Verification Process is initiated when a new Access Token is created.
The Verification process is not mandatory. If not configured, then Access Tokens will be directly created in an 'Effective' Life Cycle State. Refer to the Business Example below to find out the configuration requirements in order to use the Verification Process. |
| Communicating new Access Tokens | the related information (Identifier and Pass Code or Authentication Code) can be communicated to them. Whenever a new Rewards Participant or Accounts Receivable is created with an Access Token, the System can automatically communicate required information such as Identifier and Pass Code or Authentication Code, via email, sms, or any other system used to communicate with the customer This communication preference can be set up through the Active Access Token Definition. |
| Resetting the Pass Code | Access Tokens are used to identify and authenticate a user in CRM.COM by either using:
Pass Codes function like passwords. If a Pass Code is lost or needs to be updated, then the Reset Pass Code action can be used to generate a new Pass Code for the Access Token, without having to provide the old Pass Code. |
Access Tokens Access & Viewing Controls
Business Network Characteristics define the level of access for each record. i.e., whether the record will be available for selection, viewing or editing.
| Entity | Network Characteristics | Description |
|---|---|---|
| Access Tokens | Global Viewing Entities | Access Tokens have no access restrictions. They can be viewed and selected by all users. |
Access Tokens Related Modules
| Entity | Interaction of Access Tokens with Entity |
|---|---|
| Reward Participants | Access Tokens are used to identify Reward Participants |
| Accounts Receivable | Access Tokens are used to identify Accounts Receivable |
Access Tokens - Business Examples
The following section provides business examples of how the Access Tokens module is used in CRM.COM .
Creating and Verifying an Access Token
Business Requirement
Company ZX has created a mobile app for customers participating in its Loyalty scheme. Customers can register via the app using their email address. Once registered they receive a Verification Code in their inbox. Once the code is received the customers must provide that code on the app so that they can log into the System and access their personal details.
CRM.COM Solution
In order to meet the above requirement, integration of the mobile app to CRM.COM is required using the available CRM.COM WEB APIs.
The solution described below, describes CRM.COM configuration.
Configuration
Communication Template
A Communication Template should be set up in the System, in order to communicate with the customer every time an Access Token is related to a Rewards Participant.
The communication template media can be set to EMAIL so that when the communication is created, the customers receive their verification code by email.
Dear #accounts_receivable.name
Welcome to our family!
Please use the following code to activate your account: #access_token.verification_code
Once the account is activated please use the following information to access your personal account.
Access Token Number: #access_token.number
Access Token Identifier: #access_token.identifier
Access Token Pass Code: #access_token.pass_code
Access Token Definition
Set up the Access Token Definition using the configuration provided below.
- Identifier: format email address
- Pass Code: define required restriction
- Automation: Select Allow Creating Access Tokens with No Identifier and Pass Code
- Rewards Participant
- Select Require Verification
- Communication Settings > Rewards Participants
- Select Enable on Assigning Access Tokens to Rewards Participant
- Select the created Communication Template that includes the #access_token.verification_code tag (This tag will be replaced by the generated verification code).
Using the Verification code
Once a new customer registers through the mobile app, CRM.COM will:
- create the Access Token in a 'Pending Verification' Life Cycle State
- generate a verification code, which will be sent to the customer
The customer can then provide the verification code via the mobile app. The Access Token's Life Cycle will be changed to 'Effective', allowing the customer to log into the mobile app using their new account.