Launch Light Auth Experience

Abstract

The Cardlytics LARS (Lightly Authenticated Rewards Summary) Experience is a white-labeled, lightly-authenticated user that will access the page via an email from their bank.

Quickstart

Follow these 2 steps to integrate the Cardlytics LARS Experience.

Step 1: Alerts Integration - File Based

Follow this guide to complete the alert notification flow: Customer Alerts File-Based Implementation

Along with the Alert file pipeline, you should be able to extract the following information:

token
adId

Use these URLs to access LARS pages. They should look like this:

To offer listing

https://yourrewardsdomain.com/?a=<applicationId>&t=<token>

To single offer page

https://yourrewardsdomain.com/offer/<adId>?a=<applicationId>&t=<token>&activate=true

Step 2: Infrastructure Setup - Reverse Proxy Configuration

To maintain your brand and rewards domain control, you must set up a reverse proxy to route requests from your rewards domain to the Cardlytics infrastructure. Here we are showing two options for setting up the reverse proxy. Feel free to choose a reverse proxy solution with your favorite proxy.

IMPORTANT NOTE: Currently CRP only supports proxy path location at /.

Supported: https://yourrewards.com/ -> https://offers.cardlytics.com/
Not supported: https://yourrewards.com/rewards/ -> https://offers.cardlytics.com/

Option 1: Nginx Configuration

server {
    listen 443 ssl;
    server_name yourrewardsdomain.com;
    
    # SSL configuration
    ssl_certificate /path/to/your/certificate.crt;
    ssl_certificate_key /path/to/your/private.key;
    
    # Proxy rewards path to Cardlytics
    location / {
        proxy_pass https://offers.cardlytics.com/;
        
        # Forward common headers from the browser
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header User-Agent $http_user_agent;
        proxy_set_header Accept-Language $http_accept_language;
        
        # Disable compression between Nginx and the origin
        proxy_set_header Accept-Encoding "";
        
        # Recommended to prevent issues with headers
        proxy_buffering off;
    }
    
    # Your existing application routes
    location / {
        # Your application configuration
    }
}

Option 2: CloudFront/CDN Configuration

{
  "Origins": [
    {
      "Id": "cardlytics-rewards",
      "DomainName": "offers.cardlytics.com",
      "CustomOriginConfig": {
        "HTTPPort": 443,
        "OriginProtocolPolicy": "https-only",
        "OriginSslProtocols": {
          "Quantity": 1,
          "Items": ["TLSv1.2"]
        }
      }
    }
  ],
  "DefaultCacheBehavior": {
    "TargetOriginId": "your-main-origin"
  },
  "CacheBehaviors": [
    {
      "PathPattern": "/*",
      "TargetOriginId": "cardlytics-rewards",
      "ViewerProtocolPolicy": "redirect-to-https",
      "Compress": true,
      "ForwardedValues": {
        "QueryString": true,
        "Headers": [
          "Authorization", 
          "X-Forwarded-Host",
          "User-Agent",
          "Accept",
          "Accept-Language",
          "Referer"
        ]
      }
    }
  ]
}

Domain Configuration

Contact your Cardlytics integration manager to:

Whitelist your rewards domain for LARS integration
Configure CORS settings to allow your rewards domain

Security Considerations

Domain Validation: Ensure reverse proxy configuration restricts access appropriately
CORS Configuration: Work with Cardlytics to properly configure allowed origins

Customizing the Theme

The LARS experience supports the same theming options as the embedded SDK. See Customizing the Theme for more information.