To protect a module or application from unauthorized use, we strongly advise configuring end user access on the BRYTER platform accordingly. To make end user authentication seamless on the BRYTER platform, you can implement Single Sign-on (SSO).
However, if end user authentication on the BRYTER platform is not an option for you and you still need to restrict module access, you can embed your module within a secure space accessible only to authorized individuals, such as an intranet. Keep in mind that in such cases, authorized end users may have the ability to copy the module URL and share it with unauthorized individuals.
This tutorial provides guidance on how to prevent the unauthorized sharing of module URLs by using one-time URLs obtained from our API. Please note that only modules can be protected this way, not applications. Additionally, it is not the recommended approach for delivering modules to a restricted audience, and we cannot provide individual support its implementation and maintenance.
1. Obtain the Module ID and API key
First, activate the Only accessible via an API key setting, as described here. This option will provide you with the module ID and the API key necessary for the following steps.
Also, ensure your module’s end user access is set to public to eliminate the need for additional end user authentication.
2. Request a secured URL
When loading the webpage with the embedded BRYTER module on your web server, the initial step involves making a request to our API. Use the module ID and API key obtained in step 1, and also include the corresponding tenant information.
POST https://{{tenant}}.bryter.io/api/v1/share/wizard/{{module_id}
Content-Type: application/json; charset=utf-8
Accept: application/json; charset=utf-8
{
 auth: {
  apiKey: {{api_key}}
 }
}
If you need to configure the language displayed to the end user (e.g., to German), you can modify the payload like this:
{
 "auth": {
  "apiKey": {{api_key}}
 }
 "data": {
  "language": "de"
 }
}
3. Provide URL parameters
If you are using URL Parameter nodes in your module, you can also include these parameters to pass along URL parameter values:
{
 "auth": {
  "apiKey": {{api_key}}
 }
 "data": {
  "parameters": {
   "companyName": "ACME"
  }
 }
}
4. Handle the response
If the published module exists and the apiKey
 is correct, you will receive a response containing the shareUrl
 to use as the src
 for loading the BRYTER module within an iframe. AS the URL is intended for one-time usage, your web-server needs to request a new shareUrl
 for each embedding. Also, do not modify the shareUrl
 in any way as its format might be subject to changes without prior notification.
A valid 200 OK response will look like this:
{
 "data": {
 "shareUrl": "https://{{tenant}}.bryter.io/s/{{module_id}}/module-..."
 }
}
Other status codes to handle:
-
400 Bad Request:
 This typically indicates an error in the request body. The server's response will provide further details. -
404 Not Found:
This status implies that either the module does not exist or the API key provided is incorrect. Ensure that both the module is published and the API key is accurate. -
5xx Server Error:
 Such errors suggest an issue on our end, and we have been informed about it. If this problem persists, please reach out to our support team for assistance.