Handling the endlink token

Below we will show you to different ways to handle the endlink token, server-side and client-side. We strongly recommend doing this on the server side if it is possible for your use case, as it is more reliable than doing it on the browser due to browser versions, browser security settings, and other issues.

Extract and save the token on the server.

When a user arrives at your site via an Endlink, you need to capture the tartle_endlink_token from the URL, you will need to save this token securely in your system so you can later report the desired outcome for the data packet.

Whenever possible, we recommend you capture and save this token server-side, as doing so client-side is error prone because of browser versions, security restrictions, and other issues.

Server-side examples

const saveToken = (req) => {
  const token = req.query.tartle_endlink_token

  if (token) {
    req.session.tartle_endlink_token = token
    return true
  }

  return false
}

Extract and save the token on the client.

When doing it on the server is not possible, you can handle the token on the client with javascript. Storing it in localStorage or cookies is the most common approach. For security reasons, the token is only valid for one hour and only works with this user/packet interaction.

Client-side examples

function saveTokenWithLocalStorage() {
  const urlParams = new URLSearchParams(window.location.search)
  const token = urlParams.get('tartle_endlink_token')

  if (token) {
    localStorage.setItem('tartleEndlinkToken', token)
    console.log('Token saved to localStorage')
  } else {
    console.error('No tartle_endlink_token found in URL parameters')
  }
}

You can now walk the user through the flow you've implemented on your site to capture whetever actions you need. This could be any flow, the only limitation is that the tartle_endlink_token is only valid for one hour, so they must be able to complete your flow in that amount of time.

Once you know the outcome of the user's actions (is this a success, failure, etc?) you need to report it to TARTLE. You have a few options on how to do this.

Api calls

Call TARTLE endlink endpoints directly in your code.

Read more

Redirects

Redirect users to the TARTLE endlink URL with the token

Read more

Scripts

Use provided JavaScript libraries to manage the token and endpoint interactions

Read more

Was this page helpful?