Overview
Interactive login is to be used when the user is present to login (for example, 3rd Party Desktop Applications) and will manage any additional information required at login depending upon a customer's account (such as 2 Factor Authentication codes or National Identifiers).
This is achieved by embedding the Betfair IdentitySSO login page in your application and then obtaining a successful session token upon login. The Keep Alive operation should be called within session expiry time if the user is still actively using your application. The embedded login page initially looks like this:
The interactive login sequence looks like this:
Obtaining the sessionToken from the POST data
Once a login has been successfully made, the Javascript in the page will POST the session token (ssoid) to the URL provided as a redirect URL. For a desktop application, this is not required to be a real page as the desktop application can intercept the POST request as it happens via the embedded browser container. A Windows based application can embed a web browser into the application and use the BeforeNavigate2 event to catch the post data sent to the redirect URL and there are platform specific alternatives. The POST request body will contain two URL encoded parameters (which you will need to URL Decode):
- ssoid - This is your session token and should be attached to requests made to API-NG in the X-Authentication header.
- errorCode - This is returned in a URL by Betfair and provides the reason for the login failure.
The Interactive Login is the same login flow used by the Betfair website and therefore, any message's will be returned directly by Betfair & handled in the same way.
errorCode | |
|---|---|
| ACCOUNT_ALREADY_LOCKED | the account is already locked |
| ACCOUNT_NOW_LOCKED | the account was just locked |
| ACCOUNT_PENDING_PASSWORD_CHANGE | the account must undergo password recovery to reactivate |
| AGENT_CLIENT_MASTER | Agent Client Master |
| AGENT_CLIENT_MASTER_SUSPENDED | Suspended Agent Client Master |
| BETTING_RESTRICTED_LOCATION | the account is accessed from a location where betting is restricted |
| CERT_AUTH_REQUIRED | Certificate required or certificate present but could not authenticate with it |
| CHANGE_PASSWORD_REQUIRED | change password required |
| CLOSED | the account is closed |
| DANISH_AUTHORIZATION_REQUIRED | danish authorization required |
| DENMARK_MIGRATION_REQUIRED | denmark migration required |
| DUPLICATE_CARDS | duplicate cards |
| EMAIL_LOGIN_NOT_ALLOWED | This account has not opted in to log in with the email |
| INVALID_CONNECTIVITY_TO_REGULATOR_DK | the DK regulator cannot be accessed due to some internal problems in the system behind or in at regulator; timeout cases included. |
| INVALID_CONNECTIVITY_TO_REGULATOR_IT | the IT regulator cannot be accessed due to some internal problems in the system behind or in at regulator; timeout cases included. |
| INVALID_USERNAME_OR_PASSWORD | the username or password are invalid |
| ITALIAN_CONTRACT_ACCEPTANCE_REQUIRED | The latest italian contract version must be accepted |
| KYC_SUSPEND | KYC suspended |
| NOT_AUTHORIZED_BY_REGULATOR_DK | the user identified by the given credentials is not authorized in the DK's jurisdictions due to the regulators' policies. Ex: the user for which this session should be created is not allowed to act(play, bet) in the DK's jurisdiction. |
| NOT_AUTHORIZED_BY_REGULATOR_IT | the user identified by the given credentials is not authorized in the IT's jurisdictions due to the regulators' policies. Ex: the user for which this session should be created is not allowed to act(play, bet) in the IT's jurisdiction. |
| MULTIPLE_USERS_WITH_SAME_CREDENTIAL | There is more than one account with the same credential |
| PENDING_AUTH | pending authentication |
| PERSONAL_MESSAGE_REQUIRED | personal message required for the user |
| SECURITY_QUESTION_WRONG_3X | the user has entered wrong the security question 3 times |
| SECURITY_RESTRICTED_LOCATION | the account is restricted due to security concerns |
| SELF_EXCLUDED | the account has been self excluded |
| SPAIN_MIGRATION_REQUIRED | spain migration required |
| SPANISH_TERMS_ACCEPTANCE_REQUIRED | The latest spanish terms and conditions version must be accepted |
| SUSPENDED | the account is suspended |
| TELBET_TERMS_CONDITIONS_NA | Telbet terms and conditions rejected |
| TRADING_MASTER | Trading Master Account |
| TRADING_MASTER_SUSPENDED | Suspended Trading Master Account |
| TEMPORARY_BAN_TOO_MANY_REQUESTS | The limit for successful login requests per minute has been exceeded. New login attempts will be banned for 20 minutes |
URL Definitions
International users:
Italian jurisdiction users:
https://identitysso.betfair.it/view/login?product=<theProductDescriptor>&url=<theRedirectUrl> |
Spanish jurisdiction users:
https://identitysso.betfair.es/view/login?product=<theProductDescriptor>&url=<theRedirectUrl> |
Romania jusristiction users:
https://identitysso.betfair.ro/view/login?product=<theProductDescriptor>&url=<theRedirectUrl> |
Parameters
| Name | Description | Sample |
|---|---|---|
| product(mandatory) | The product for which the login page is used and on which the user will do the login; This should be your application key. | "IhDSui3ODdsdwo" |
| url (mandatory) | The url to which the the browser should be redirected in case of a successful login. By default only https://www.betfair.com will be allowed | https://www.betfair.com |
Please note that all method names are case sensitive, this includes login, keepAlive and logout.