Emarsys Integration
The Emarsys marketing platform empowers marketers to execute simple, single-channel campaigns, or create sophisticated, cross-channel journeys at scale.
The Emarsys platform makes it easy to integrate data, set up messaging across channels, and deploy personalized campaigns at scale.
The Wishlist’s Emarsys Integration Lambda enables the seamless integration to Emarsys, and triggers a Wishlist Update event from The Wishlist to Emarsys for every wishlist interaction in The Wishlist platform.
Enabling Emarsys
Enable the service using The Wishlist Event Subscription Resource API. Once enabled, all the wishlist interactions flow to Emarsys from The Wishlist Customer Interactions
Configuring System Parameters
Various credentials, secrets and URLs related to the Emarsys Integration are stored securely in the Parameter Store and accessed by the lambda as required.
- emarsysClientId - TWC client_id of the user.
-
emarsysClientSecret - TWC client_secret of the user.
-
emarsysSecret: The Emarsys User Secret that was received during onboarding.
-
emarsysTenantId: The TWC TenantId
-
emarsysUrl: The base URL of emarsys api’s.
-
emarsysUser: The User name that was received from Emarsys during onboarding.
Tenant Authentication
Tenant authentication requires the client credentials, i.e the client_id and the client_secret configured in the system parameter store to be passed to the tenant authentication service as a request body. The “tenant_id” in the tenant authentication URL is replaced by the value of tenantId of the users as configured in the system parameter store.
The response body of the request contains the generated bearer token - “access_token” which is required for the subsequent calls to the TWC system APIs.
Configure Authentication for Emarsys API
Emarsys API uses WSSE authentication over SSL to keep your data secure. WSSE authentication is not a standard HTTP feature and requires a custom X-WSSE header for each request, generated from your user name and secret.
WSSE Format - The X-WSSE header is generated from your user name and secret, and consists of the following mandatory elements:
Header name: X-WSSE
UsernameToken: Indicates that the authentication method of WSSE is token-based.
Username: Contains the user name you received during onboarding. It is usually in the following format: account_name00X, where X is a digit.
PasswordDigest: Contains the hashed token that authenticates the request. It must be recomputed for each request because the hash is only valid for a certain period before expiring. Read more about how to compute the hash under.
Nonce: A random value ensuring that the request is unique, so it cannot be replicated by any other unknown party. This string is always 16 bytes long and must be represented as a 32-character hexadecimal value.
Created: Contains the current UTC, GMT, ZULU timestamp (YYYY-MM-DDTHH:MM:SS) according to the ISO8601 format, for example, 2014-03-20T12:51:45+01:00. While any timezone is valid as long as it is specified in the timestamp, it is recommended to use UTC time, as this is the global Emarsys standard.
Compute the password digest by performing the following steps:
-
Generate a random 16-byte nonce in 32-character hexadecimal format.
-
Get the current timestamp in ISO 8601 format.
-
Concatenate the following three values in this order:
nonce + timestamp + secret
-
Calculate the SHA1 hash value of the concatenated string in hexadecimal format.
-
Apply Base64 encoding to the result to get the final PasswordDigest value.
Code Sample
function getWsseHeader(emarsysUser, emarsysSecret) {
let nonce = crypto.randomBytes(16).toString("hex");
let timestamp = new Date().toISOString();
let digest = base64Sha1(nonce + timestamp + emarsysSecret);
return `UsernameToken Username="${emarsysUser.toString()}", PasswordDigest="${digest}", Nonce="${nonce}", Created="${timestamp}"`;
}
function base64Sha1(str) {
let hexDigest = crypto.createHash("sha1")
.update(str)
.digest("hex");
return new Buffer.from(hexDigest).toString("base64");
}
Lambda Implementation
The Wishlist action is received by the Emarsys integration lambda from the Simple Queue Service (sqs) registered during the subscription. This event triggers the lambda.
The bearer token is generated by the tenant authentication service, which is in turn used to make an API call to get the wishlist using the customerId received from the sqs.
The response body is then utilised to prepare the payload required by the Emarsys system and is set as the request body for Emarsys. The request is then passed through to Emarsys accompanied by the wsse token generated.
A successful request is represented by the HTTP status code 200.