Show Set Up
      Back to home
      1. FFAIR Help Desk
      2. Organiser
      3. Show Set Up

      API Connection & SSO

      Understand the process of creating exhibitor users in the FFAIR portal using the FFAIR API, and setting up SSO for the exhibitors.

      1. Access Create Exhibitor user using API connection

      The FFAIR API allows the creation of Exhibitor Users in the FFAIR portal.

      To get started

      • Log in to your FFAIR Organiser Portal.
      • Click into the required show from the "Shows" page.
      • Click on "Show Settings" from the left hand menu.
      • Navigate to the "API connection" section of the settings page.
      • Click the blue toggle to enable the API.

       

      The Token will expire after one hour.

      Required Headers:

      Male sure to include the required headers, including the Authorization header with the Basic Authentication Scheme. The example provided demonstrates how to encode your API key and password into the basicToken string.

      Header Name 

      Example Value

      Description

      Authorization

      Basic

      The basicToken string will be generated according to the Basic Authentication Scheme. You should use the api key and password from FFAIR show’s portal


      The basicToken string example: 

      ‘{apiKey}:{password}’ 


      Decode to base64 format and used as a value for basicToken in the header.

      Decoded basicToken string example:


      QWxhZGRpbjpvcGVuIHNlc2FtZQ==

      content-type

      application/json

      		  

       

      Response example:

      {

          "return": {

              "authToken": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJmaXJlYmFzZS1hZG1pbnNkay1kYzA1NkBmZmFpci1zYW5kYm94LmlhbS5nc2VydmljZWFjY291bnQuY29tIiwic3ViIjoiZmlyZWJhc2UtYWRtaW5zZGstZGMwNTZAZmZhaXItc2FuZGJveC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHl0b29sa2l0Lmdvb2dsZWFwaXMuY29tL2dvb2dsZS5pZGVudGl0eS5pZGVudGl0eXRvb2xraXQudjEuSWRlbnRpdHlUb29sa2kiLCJpYXQiOjE2NjI2MzMzNzUsImV4cCI6MTY2MjYzMzY3NX0.byKlsFH0ZBANo5B0ZY4ZWo5SWalut0j2jBuqpvhzgL6mXCeGtts1f1xDi8ZYCmq5wz73P_IGsgjeuEyjJGw09vfdLivPZOSVcYgBRL1q482tFashWZd7800Ya7r1cfP9b4yjTKqmD4NTWf_xwtJDbF6L0lZXJIf-04rZQjtLwhOXv2U7IyMNE1BZCFGQwJh522VMCJ9aXERKZ7XRNymWkiMSlGsoBGR3rE9PDx7HMvjRkEcc6VrHYUR_LD9Z8_hteA-QxE0E4LFmGlasneBHNbz0Ktf0r_pdPzJkluagujbBXfNfIF8G-hWXsHYEiMt4vP5Xufe3p9n90kMe9tpPUg"

          }

      }

       

      2. Bulk upload exhibitor users to the system via API connection:

      Required Headers:

      Header Name 

      Example Value

      Description

      Authorization

      Bearer

      The authToken you can retrieve by using the Get authToken method (above)

      content-type

      application/json

      		  



      Request body example:

      Refer to the below request body example for guidance on the required parameters.

      {
       "data": {
          "showId": "oiayJulhVXaC1xCs4HtW",
          "exhibitors": [
            {
              "exhibitorId": "855d2a58-1177-11ed-861d-0242ac120002",
              "companyName": "Company name",
              "contactName": "Contact name",
              "contactEmail": "user@domain.com",
              "buildType": "Space only - Hall 2",
              "standNumber": "G34",
              "contactNumber": "34343535 545",
              "companyAddress": "London, 223",
              "companyPostcode": "343 KO9"
            }
          ]
        }
      }

       

      Provide the necessary request body containing details such as: 

      showId - string (required)

      exhibitorId - string (required)

      companyName - string (required)

      contactName - string (required)

      contactEmail - string (required)

      buildType - string (required) - should match with the built type on the Organiser’s FFAIR portal

      standNumber - string (required)

      contactNumber - string (optional)

      companyAddress - string (optional)

      companyPostcode - string (optional)

       

      Response example:

      Upon successful execution of the API request, you'll receive a response containing the details of the newly created exhibitor users.

      {

          "return": {

              "exhibitors": [

                  {

                      "id": "Yg79SJiJgKjLbvPxTKYG",

                      "email": "user@domain.com",

                      "externalExhibitorId": "855d2a58-1177-11ed-861d-0242ac120002"

                  }

              ]

          }

      }

       

      3. Exhibitor SSO login

      This section explains how to login into FFAIR’s Exhibitor portal from an external source, once you have enabled the API connection as per the previous steps.

      We follow the OAUTH 1.0. HMAC- SHA1 signature to generate and validate the URL

      SSO baseURL : https://app.ffair.io/login/sso

      Parameters

      You now need to gather all the parameters used in the request and to generate the signature. Below are the list of parameters required.

      Parameter Name 

      Example Value

      Description

      clientReference

      0x1vttknep8VizGkTYhL

      This is a pre-shared value that is unique to each exhibitor and has to be uploaded to the both platforms

      timestamp

      1318634455

      This is a UNIX timestamp. The link will expire 1 hour after this time.

      showId

      7t9hlzjU4Z7xd5Dq9OXd

      This is a pre-shared value that is unique to each show

      signature

      Yndh1rEqdxD%2bSnmF7jbxJ/zAGyo=

      This is a value that has to be generated by using instructions below.

       

      Parameters need to be encoded into a single string which will be used later. The process to build the string looks like this: 

      1. Encode every key and value that will be signed.
      2. Sort the list of parameters alphabetically
      3. For each key/value pair:
      1. Append the encoded key to the output string.
      2. Append the ‘=’ character to the output string.
      3. Append the encoded value to the output string.
      4. If there are more key/value pairs remaining, append a ‘&’ character to the output string. 

      The following example string should be created:

      clientReference=0x1vttknep8VizGkTYhL&signature=Yndh1rEqdxD%2bSnmF7jbxJ/zAGyo=&showId=7t9hlzjU4Z7xd5Dq9OXd&timestamp=1318634455

       

      Signature base string

      The values collected so far need to be joined to make a single string from which we will generate the signature. This is called the signature base string.

      To encode the HTTP method, base URL, and SSO parameters into a single string:

      ▪ Convert the HTTP Method to uppercase and set the output string equal to this value.

      ▪ Append the ‘&’ character to the output string.

      ▪ Encode the base URL and append it to the output string.

      ▪ Append the ‘&’ character to the output string.

      ▪ Encode the parameter string and append it to the output string.

      These steps are made according to the documentation.

      Signature base string will look like this:

      GET&https%3A%2F%2Fapp.ffair.io%2Flogin%2Fsso&clientreference%3D1

      0x1vttknep8VizGkTYhL%26showId%3D17t9hlzjU4Z7xd5Dq9OXd%26timestamp%3D1318634455

      Make sure to percent encode the parameter string. The signature base string should contain exactly 2 ampersand ‘&’ characters. Any percent ‘%’ characters in the parameter string should be encoded as %25 in the signature base string.

       

      Calculating the signature

      Finally, the signature is calculated by passing the signature base string and signing key to the HMAC- SHA1 hashing algorithm. The output of the HMAC signing function is a binary string. This needs to be base64 encoded to produce the signature string.

      After calculating the signature should looks like this:

      Yndh1rEqdxD%2bSnmF7jbxJ/zAGyo=

      Putting parameter and signature all together creates a final SSO link:

      https://app.ffair.io/login/sso?clientreference=0x1vttknep8VizGkTYhL&showId=7t9hlzjU4Z7xd5Dq9OXd&timestamp=1318634455&signature=Yndh1rEqdxD%2bSnmF7jbxJ/zAGyo=