Here, AuthSafe SDK needs to be integrated on two pages:
- Login Page
- Reset Password Page
As account takeover attack happens mostly from the above pages, we developed APIs to be integrated in the above pages.
To use the SDK or REST API, you will need API keys which can be generated in our dashboard in the Settings page.
Welcome to AuthSafe, there are two phases for the integration of AuthSafe into your web application.
Phase I – Pixel Integration
Include the following script in your web application:
JavaScript code:
<script src="https://p.authsafe.ai/as.js?p={PROPERTY ID}*"></script>
<script>
_authsafe("userInit", 1);**
</script>
Note:
* In the script, replace the PROPERTY ID with your Property ID value.
**This line needs to be called only when the user is logged in, the rest of the time it does not need to be called and can be ignored.
The above JavaScript snippet needs to be included in the <head> tag just before the head closing tag </head>.
Phase II – Login Attempts and Reset Password Attempts
1) Execute the following JavaScript integration script to get Device ID.
<script>
var as_request_string = _authsafe("getRequestString");
</script>
Note: The above Device ID is required in all the requests of login and resets the password attempts. _authsafe() is a global function and can be called anywhere after the library is included in the code.