Versions Compared

Old Version 20

changes.mady.by.user Perry Tew

Saved on

compared with

New Version 21

changes.mady.by.user Perry Tew

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

 

Introduction

The MyAccount API is the backbone of the UltraCart customer portal.  It is an mini-app and part of your UltraCart web site allowing customers to view order history, edit their personal information, and correspond with you, the Merchant.  There are two forms of the customer portal.  The first is hosted by UltraCart.  The second may be hosted anywhere on your own personal web sites.  The UltraCart hosted portal is stylized using the Screen Branding themes.  Any externally hosted portal is left to individual styling via the normal means.

You may view your UltraCart hosted customer portal using this url and substituting your Merchant ID:

https://secure.ultracart.com/cgi-bin/UCMyAccount?merchantId=DEMO

(also, if you're using a custom SSL certificate, replace secure.ultracart.com with your server name...)

A reference implementation for externally hosted portals is sourced on github:  https://github.com/UltraCart/my_account

It recommended that you start with that implementation since the API was custom built for it.

 

Tip

Examples and Demo (Every call is used by the example script and the demo. Just search for the call.)

Examples: https://github.com/UltraCart/my_account/blob/master/js/myaccount_rest_1.3.js

Demo: https://secure.ultracart.com/merchant/integrationcenter/my_account_demo/

Note: The myaccount_rest link above will go stale as the version is incremented. If that's the case, just go here and look for the latest version: https://github.com/UltraCart/my_account/tree/master/js

Info

Every call in the MyAccount REST API uses two cookies for authentication:

UltraCartMerchantId - Merchant ID

UltraCartShoppingCartId - Cart ID

This is to remain consistent with the UltraCart shopping cart engine. Using the same two cookies avoids multiple login prompts to the customer.

These cookies are automatically set by the login methods, so after login, security is transparent.

Most pages may use a simple model to handle expired sessions or invalid logins:

Code Block
themeDJango
languagejavascript
linenumberstrue
var redirectToLogin = function () {
  var location_href = "index.html";
  if (location.hash && location.hash.length > 0) {
    location_href += "?hash=" + location.hash.substring(1);
  }
  location.href = location_href;
};
jQuery(document).ajaxError(function (event, xhr) {
  if (xhr.status == 401)
    redirectToLogin();
});

Be aware that the valid presence of these two cookies is not enough to constitute a "logged in" status. The customer must have submitted their profile username and password as some point and the server must have a flag set on its internal record denoting the customer as logged. So do not assume that just because you're seeing these two cookies accompany REST calls that the customer is logged in.

 

 

Object Model

These json objects are used with the REST MyAccount API.   

...