Authentication

All of our components are authenticated using Access Tokens.

Access Token

To make our web components Elements more secure, we offer an Access Token authentication flow. These Access Tokens are short-lived tokens that must be obtained immediately before loading the relevant web component.

To generate an Access Token, you can utilize the Hero Health Public API. To do so, it's necessary to create an endpoint on your server that securely interacts with the Hero Health Public API for Access Token generation. This endpoint should enforce robust authentication measures and restrict access solely to authenticated users within your system.

Note that if your application uses a server-side rendered approach, you can call the Hero Health Public API to generate an Access Token directly, as long as it does not come from the frontend.

Example

How to implement

1. Include the script tag

<script src="https://scripts.htech.app/message-builder/web-component/latest.js"></script>

2. Render the Web Component

You'll need to write a script to render the Web Component when you receive the Access Token from the server. This can be accomplished in various ways, but you can refer to the example below:

Example

Server-side rendered pages

Suppose you are using a server-side rendering approach in your application. In that case, you can retrieve the access token on render time and inject it directly into the Message Builder component.

Be aware that the Access Token expires in 30 minutes, so caching strategies can lead to authentication errors.

Example

Authentication

Access Token

How to implement

1. Include the script tag

2. Render the Web Component

Server-side rendered pages

Was this helpful?