IPQS
Login Tokens

About Login Tokens in Custom Integrations

This API allows your service to generate links, enabling users to log in to their IPQS accounts automatically.

Note

Your application must be approved to access this functionality, and users will be notified that your service can log in to their accounts.

Requesting a New Token

Warning

For security reasons, you should only call this API server-side.

You can use the following URL to generate new automatic login tokens:

https://www.ipqualityscore.com/webhooks/ExampleIntegration/json/token

Using Tokens

The token provided from this API is a one-time token used to log a user into their IPQS account. To use it, you must redirect the user to the URL below. Replace ExampleIntegration with the name of your integration and TOKENHERE with the token you received above:

https://www.ipqualityscore.com/webhooks/ExampleIntegration/json/token?token=TOKENHERE

Request Parameters

Parameter Description Example Value / Format
key Required. Your site's domain or the domain that requested this integration. google.com
secret Required. Your user's current secret created during the authentication process. char(128)

Response Parameters

Note

Only JSON responses are available from this API.

The token provided from this API is a one time use token to log a user into their IPQS account. To use it you must redirect the user to the URL below:

https://www.ipqualityscore.com/webhooks/ExampleIntegration/json/token?token=TOKENHERE

Parameter Description Example Value / Format
message Description of the status of this call. May contain errors if errors exist. text
success Boolean result of if the request was successful or not. boolean
token A one time use token to login a user to their account. char(128)
// URL for this request.
$URL = 'https://www.ipqualityscore.com/webhooks/ExampleIntegration/json/token';
	
// URL for where we'll send the user after the request is successful (and replace %s with the token we receive)
$redirect = 'Location: https://www.ipqualityscore.com/webhooks/ExampleIntegration/json/token?token=%s';
	
// Configuration items for this request. NOTE: $secret will be user specific not application specific.
$key = 'example.com';
$secret = 'YOUR_API_KEY_HERE';

// Prepare POST fields.
$fields = array(
	'secret' => $secret,
	'key' => $key
);
	
// Create CURL.
$curl = curl_init();
	
// Configure CURL
curl_setopt($curl, CURLOPT_URL, $URL);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_POST, 1);

// Set POST Parameters
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($fields));

// Fetch URL
$result = curl_exec($curl);

// GET response code.
$response_code = curl_getinfo($curl, CURLINFO_HTTP_CODE);

// Close CURL
curl_close($curl);
	
// Handle result.
if((int) $response_code === 200){
	// JSON Decode
	$output = json_decode($result, true);
	
	// Was the request successful?
	if($output['success'] === true){
		exit(header(sprintf($login_url, $output['token'])));
	} else {
		echo "Unable to log you in. Please check your request and try again.";
	}
} else {
	echo "There appears to be an unforeseen error. Please contact IPQualityScore support if this persists.";
}

Ready to eliminate fraud?

Start fighting fraud now with 1,000 Free Lookups!

We're happy to answer any questions or concerns.

Chat with our fraud detection experts any day of the week.

Call us at: (800) 713-2618