Licensing

Clients must ensure they are appropriately licensed in order to use this package. Organisations who wish to use this package are required to establish a commercial relationship with Credit Sense directly.

Compatibility

This package has the following compatibility requirements:

Installation Instructions

To install this package please walk through the following procedure:

1. Unzip the package to a directory on your computer
2. Import each zip archive found in the services folder to Transact Manager under the Services >> All Services menu item.
3. Review the Help Doc tab for each of the imported services and make any required adjustments to service parameters.
4. Review the Service Connection requirements under the same Help Doc tab for each of the imported services and make any required configurations to the Service Connection. Service Connections can be configured in Transact Manager under the Services >> Service Connections menu item.
5. Import each archive found in the libraries folder to Maestro. Importing these into the Organisation level libraries folder is recommended as this will make the components available to all projects, however they can be imported at the Project level if required.

CSP Configuration

The Content Security Policy (CSP) response header helps you reduce XSS risks on modern browsers by declaring what dynamic resources are allowed to load via a HTTP Header, thereby protecting your solution from a range of vulnerability attacks.

The CreditSense integration loads a remote JavaScript library which is injected to the form, and this will get blocked if the form header includes strict Content Security Policy (CSP) settings. By default, Avoka Transact has strict CSP settings configured so these will likely need to be modified in order to enable the LinkedIn integration.

You can configure CSP settings in Transact Manager at a system wide level via the 'Form Submission Access Controller' service, or at an Organization level in the Security tab. The following Sample CSP demonstrates how to enable the CreditSense JavaScript integration:

script-src 'self' https://creditsense.com.au https://6dadc58e31982fd9f0be-d4a1ccb0c1936ef2a5b7f304db75b8a4.ssl.cf4.rackcdn.com; object-src 'none';

The second URL is the CDN domain of the initial JavaScript file used by CreditSense. The subdomain contains a guid that is unique for that single file, so no other files will be permitted from the rackcdn server.

For more information see CSP on The Avoka Community

Usage Instructions

Credit Sense integration in this package comes in two flavours :

1. Inline: The CreditSense UI appears in the main page.
2. Dialog: The CreditSense UI appears in a floating modal dialog.

1. Add the CreditSense component to your form. If you are using the dialog you will need to add it to the Dialogs folder. The inline component should be added to a Page so that it can consume full width (i.e. don't add it inside a Section).
2. Configure the CreditSense component properties including the iFrame height, the Client Code (specific code for your organization provided by CreditSense), and whether acceptance of T/Cs are captured in the form (or whether you want CreditSense to capture T/Cs acceptance).
3. Add the Start Credit Sense button to your form and point it to the CreditSense component (by adding the Credit Sense Reference under the Configuration section on the Properties tab. If you are using the dialog version you will need to also reference the Dialog component in the Dialog Reference property.
4. You can optionally hide the Start Credit Sense button and add a rule elsewhere in your form to fire the click rule of the button when required to initiate the CreditSense process.
5. You may wish to add code to the On Success or On Failure rules on the CreditSense component to implement behaviour handlers for each condition.

Retrieving Reports

There are two methods for retrieving reports :

1. Delivery Process

   Reports are attached to the transaction using the Credit Sense Delivery Process. Once this delivery process has been completed, the transaction will have its delivery channel updated to the Delivery Channel configured on its service parameter Final Delivery Channel. It is recommended that logic relating to the attached financial reports start from this delivery channel.

2. Webhook

   Reports are attached to the transaction as soon as they become available using the Credit Sense - Report Webhook. Configuration of this service requires contact with Credit Sense to configure the callback. Credit Sense will also require credentials capable of calling the webhook.

   NOTE : This implementation may not be suitable for all TM deployments, as it requires the Credit Sense servers to able to reach TM.

Testing

In order to test the service you can enable test mode on the Credit Sense component in Maestro. You can find the Include Debug Banks checkbox in the Debug section of the Properties tab.

Once enabled, you will be able to select one of the dummy banks and use the test credentials below to run tests on the integration.

Static Date Test Accounts

Static date means that the transaction dates in the test data remain the same as when they were created.

For test accounts the username and password are identical:

• testa
• testb
• testc
• testd
• teste
• testf
• testg

Variable Date Test Accounts

Variable date means the transaction dates in the test data will be updated so they appear as if the data was collected today. Be aware that this may result in transactions in reports taking place on days you wouldn’t expect them to (weekends, public holidays etc.).

For test accounts the username and password are identical:

• testa1
• testb1
• testc1
• testd1
• teste1
• testf1
• testg1

NOTE : If there is no Username field, enter the username into the Catalog field.