Questionnaire Invitation Link [Encrypted]
This version of the Invitation link is GPDR compliant
Reach out to our Customer Support team to provide you with the Customer Alliance Review Subject (hash) and Auth key (key).
This document provides information on how to build a custom questionnaire invitation link. This invitation link can then be used outside of the Customer Alliance application for guest invitations, for example in your PMS or CMS.
Requirements
To build a custom link you need the following:
Customer Alliance Review Subject (hash)
Ability to generate an AES encrypted JSON token
Auth key for encrypting that token
The content of the encrypted token is a stringified JSON object with the following properties:
Name | Mandatory | Details |
---|---|---|
| yes | The email for the survey responder |
| yes |
|
| yes | The two character code specified by ISO 639-1 |
| no | The guest’s last name |
| no | The unique reservation id (string) |
| no | A JSON object for key/value pairs. For the values we only support “scalar values” like integer, float, string. We also only allow a maximum of 255 characters per attribute value and a maximum of 25 attributes in total. Example: {
"room_number": 400,
"room_category": "double room",
"whatever_other_attribute": "some_value"
} |
Full example of a JSON object used as payload:
{
"email": "some@email.com",
"departure_date": "2022-09-23",
"language": "de",
"name": "Test",
"reservation_id": "123456",
"attributes": {
"room_number": "some value",
"room_category": "some value",
"other_attribute_1": "some value",
"other_attribute_2": "some value"
}
}
Now this JSON payload string needs to be encrypted. For this, we are using AES with a 256-bit key size and CBC mode.
Steps for creating the encrypted token:
Generate JSON payload string like mentioned above
Generate encryption key using PBKDF2 with the Auth key/password provided by us with
256 Bit key length
random Salt value with 8 Bytes length
1000 iterations
SHA1 digest
Generate a random Initialization Vector (IV) with 16 Bytes length
Encrypt the JSON string using the generated key and IV with AES (256-bit key size, CBC mode)
Base64 encode that encrypted string (if not already done in step 4)
Concatenate the Salt and IV values and Base64 encode that string as well
Build a final token by concatenating the Base64 encoded Salt-and-IV string and the Base64 encoded encrypted string using
:
as delimiter/separatorUrl-encode this final token so it can be passed to our URL as a query parameter
Example using PHP
Invitation link
The link is constructed as follows.