Policy Automation for B2C Service

Get Involved. Join the Conversation.


    Paul Howard
    How to allow a logged in user to access an interview in a...
    Topic posted January 5, 2018 by Paul HowardBlue Ribbon: 750+ Points 
    372 Views, 8 Comments
    How to allow a logged in user to access an interview in a div

    We have a requirement to have an OPA interview outside of the OPA widget and in a div as detailed here: http://documentation.custhelp.com/euf/assets/devdocs/cloud17d/PolicyAutomation/en/Default.htm#Guides/Developer_Guide/Web_Interviews/Integration/Embed_an_interview_in_another_application.htm

    We have managed to get this to work as a form on the Customer Portal, however it can only be an Anonymous interview! We need this to be a logged in interview.

    If we set the mappings to a logged in interview, we get an error stating that the interview can only be used by a logged in contact (even when we are logged into Customer Portal).

    We raised this with Support and were advised that as we are choosing to not use the OPA widget provided you will need to modify your PHP page to pass the user information and share secret to be able to use the embedded interviews in Customer Portal.

    No matter what combination of parameters we tried (as detailed in the link above), the interview fails to load and gives us the following errors:

    An error occurred trying to process your request.
    For further assistance please contact support.

    The error log has this:


    Error for policy model HMO_testv2:1 - Invalid identity - expected Contact

    Has anyone managed to put an OPA interview for a logged in Customer Portal user in a div? If so, could you share your code




    • Scott Berry


      I am currently working on the next widget which will use a div instead of iframe. This has also involved a number changes in OPA. To make the transition from old widget to new, the checkpoint resume prompting screen will be rendered by OPA rather than by the widget, however if people have chosen NOT to upgrade their widgets OPA needs to behave itself and not repeatedly ask if the user wants to resume from a checkpoint (because the widget should have already done this).

      This means if you are going to implement this yourself in the version before this is released, then you will have to render the prompts yourself (just like the existing widget does), and subsequently call either Start or Resume Interview. Even if you don't intend to support checkpoints, it is very important to include the __CHECKPOINT_ACTION = ignore in the startParams object I detail below when calling StartInterview.


      The JS call should look like:
        OraclePolicyAutomationEmbedded.StartInterview(opaEl, wdUrl, deployment, locale, null, startParams, seedData, onLoad, onNavigate);

      Where the startParams object should look something like:
          __CHECKPOINT_ACTION: "ignore",
          user: "[user token']",
          initID: "[some ID]"

      The user token should look something like:
      Which you can obtain by re-using the necessary parts from our example opa_v3_helper.php, i.e. calling the  generateUserToken() function I've added to helper file:

      require_once(get_cfg_var("doc_root") . "/ConnectPHP/Connect_init.php" );
      use RightNow\Connect\Crypto\v1_3 as Crypto;

      function getOPAURL([params]) { [modified to call the new functions below] }

      function generateUserToken($profile, $shared_secret) {

          if ($profile != null) {
              $contactID = $profile->c_id->value;

              if ($contactID > 0 && $shared_secret != '') {
                  $ts = round(microtime(true) * 1000);
                  $plaintext = $contactID . ';' . $ts . ';';
                  $token = sha256($plaintext . $shared_secret);
                  return $plaintext . $token;

      function sha256($text) {
          try {
               $md = new Crypto\MessageDigest();  
               $md->Algorithm->ID = 3;
               $md->Text = $text;
               $md->Encoding->ID = 1;
               return bin2Hex($md->HashText);

          } catch (Exception $err) {
               echo $err->getMessage();

    • Paul Howard

      Hi Scott,

      First of all, thanks for your input on this, great to know that this is already under development.

      We have tried a multitude of combinations using your update and the documentation to pass parameters.  All the various methods we've tried give us errors:

      - Either a blank space where the interview would normally sit on our page OR

      -  The errors as before:  An error occurred trying to process your request.
                                             For further assistance please contact support.

      There were no errors showing in the error log this time.  

      Are there any particular gotchas we should be looking out for? We've had quite a few different people take a stab at this.

      Thanks again,


    • Pranay Reddy

      Hi Paul,

      Declare opaUser variable and assign the ID of logged-in contact to it, and then pass it as a parameter along with locale ("en-US" in the below example). 


          var el = document.getElementById("interviewDiv");
          var webDeterminationsUrl = "https://xxxx.custhelp.com/web-determinations";
          var deploymentName = "MyAdvisor";
          var opaUser = "1"; /* ID of the logged-in contact */
          OraclePolicyAutomationEmbedded.StartInterview(el, webDeterminationsUrl, deploymentName, "en-US", opaUser );

      Please let me know if this works for you.



    • Scott Berry

      @Pranay - the 'opaUser' parameter is a billing parameter, the credentials needs to be passed as a token as I've demonstrated above. That use of that parameter is described here, it's not for OSvC.

      You have used the example widget version 1.2 as a starting point haven't you? Using the code to pull the shared secret, and then generating the token as above? I would expect a badly generated token to log an error in the message log however, so I don't think it's that.

      If you launch chrome/firefox developer tools and refresh the page, you may see an error thrown by javascript related to CORS. You can fix that here.

      If that also isn't the problem, maybe a simple mistake has been made passing values around? To quickly see a generated value, if you're using the example widget, assign the value to the error_text parameter and it will display that on screen instead of attempting to launch the interview, i.e. $this->data['error_text'] = $myValue;

    • Paul Howard

      Hi Scott,

      The developers that are trying to get this to work are still getting errors, although they have asked:

      Is it possible to get a  sample complete snippet of how the startParams are to be passed?

      Thanks again!


    • Scott Berry

      It is passed as a JSON object, consisting of a series of key-value string pairs as I demonstrated above. The documentation is here under "Considerations when embedding an OPA interview using a div" under the parameter name 'params'.

      i.e. startParams = {"__CHECKPOINT_ACTION":"ignore","user":"1;1512449324427;2d5b66cc70b169ea8ed09f2a144388b0d4250817f6d49f59f3e109d64e80846c","initID":"7"};

    • Kalaimagal Eswaran

      Hi Scott,

      Thanks for your reply. :)

      While passing user parameter it is working.  But within the Interview'sDiv iframe is loading. This iframe load is the expected behaviour or is there any possibilities to load interview's url without iframe.



      Kalai Eswar

    • Scott Berry

      Hi Kalai,

      Using the current widget (1.2) or earlier, or using the embedding framework as described in the answer with a Policy Model using August 2016 styling will result in the interview being displayed within an iframe. The selected Answer describes the current workaround until the (very close now) release of the new widget which embeds without an iframe.