Transferring user data when connecting the integration

What does it give

This setting allows the developer to obtain the user's personal data, thereby simplifying the registration process and, accordingly, increasing the overall conversion to connect the application.

How to turn it on

In the Personal Account, in the application editing mode, go to “Settings for development”. Mark the checkbox “Transmit user data when connecting the integration”. As long as the checkbox is not checked, data will not be transmitted by default.



How data is transferred

When you click on the “Connect” button in the Marketplace, you follow the link “Registration Redirect Url” specified in the Partner's Personal Account. The user_data and user_data_sign parameters are applied to this link by the GET-parameter, in addition to the already existing parameter salon_id.
When the setting is disabled, the integration connection occurs according to the usual flow.

How data is generated

user_data is JSON encoded with the base64 algorithm.

user_data_signis a signature that we highly recommend checking to avoid unwanted registrations from third parties. It is generated by SHA-256 encryption of the decoded JSON (user_data) with your partner key (it is located in the “Account Settings” menu).


Below is an example of data decryption in PHP:

const PARTNER_TOKEN = '2t6u73mrh85btb8wgyfj';
$userData = $_GET['user_data'];
// String eyJ1c2VyX2lkIjoxMjMsIm5hbWUiOiLQkNC90LTRgNC10Lkg0JjQstCw0L3QvtCyIiwiZW1haWwiOiJhbmRyZXlAZXhhbXBsZS5jb20iLCJwaG9uZSI6Ijc5OTkwMDA5OTAwIn0=
// Stage 1 - decode base64
$userData = base64_decode($userData);
 * After decoding, we get an array with information about the user
 *array(4) {
 * ["user_id"] => int(123)
 * ["name"] => string(25) "Alex Smith"
 * ["email"] => string(18) ""
 * ["phone"] => string(11) "19990009900"
// Stage 2 - check the validity of the signature
$isSignValid = $_GET['user_data_sign'] === hash_hmac('sha256', $userData, PARTNER_TOKEN);
if (!$isSignValid) {
    die("Invalid sign!");