Wealth Wizards

Reference Architecture

Architectural design and integration patterns.

Platform Overview

Integration Overview

This page explains at a high level how you can integrate Wealth Wizards apps into your customer website.

Configuring your brand UI

Wealth Wizards apps offer a wide range of customisation options:

  • UI customisation options that tailor the application to your brand digital guidelines.
  • Certain wording on pages, allowing you to adapt the application to your brand tone of voice.
  • Parameters for calculations, e.g. growth rates, ruin age.
  • Journey options, e.g. enabling or disabling a certain feature.

Hosting on subdomains

Wealth Wizards host apps on subdomains of your website.

For example, if your website is on mycompany.com then the subdomain might be retirement.mycompany.com or wellbeing.mycompany.com

Page on subdomain

  • Individual apps may have “paths” after the subdomain, e.g. retirement.mycompany.com/planner and retirement.mycompany.com/consolidation
  • We support up to 3 subdomains for your company.
  • You will need to make simple changes to your website’s DNS records to set up the subdomain. You can also optionally supply your own SSL certificate, or let us manage an SSL certificate for you. We provide full step-by-step instructions.
  • Pages on your website will link to WW app pages.
  • The WW app will typically contain a configurable App Nav containing your logo and some links back to your main website.
  • The WW app will also typically contain a configurable App Footer with content including legal information and links to your Cookie Policy, Privacy Policy etc.

Integration Patterns

The diagram below shows the main ways in which a WW app can integrate with your systems.

Integration patterns

Access modes

A WW app can support three access modes:

Anonymous access. In this access mode, the user has not logged in. This access mode is typically used by “playground” apps that allow the user to input basic details (for example pot size, pension contributions, retirement age) and see some initial results. Later stages of playground apps might prompt for Email login, or SSO login, as described below.

The further login modes below allow the WW apps to save the user’s data against a secure identity, and allow the user to return to WW apps in future and have their data reloaded so they can continue where they left off.

SSO login. SSO (Single Sign On) refers to the ability for users who have registered with your Customer Web Portal to securely access WW systems using their existing login. Some WW apps support SSO login. Scenarios include:

  • The user is already logged in to your Customer Web Portal and clicks on a link to a WW app. With some simple initial configuration our SSO mechanism will automatically establish a secure identity as the user moves across to the app. Some apps allow you to pre-populate customer data as part of this process.
  • The user is navigating through a WW app using Anonymous access, and gets to a point where they are asked to log in. One option may be SSO login, another may be email login (see below). Logging in allows the customer’s data to be securely saved.
  • The user returns to a WW app (via an email link, bookmark etc) when they are not currently logged in. The WW app can redirect them to your Customer Web Portal login page, have them log in, then establish a secure identity as before.

Email login. Sometimes users may not be registered with your Customer Web Portal, or are registered but have forgotten their login details. Some WW playground apps encourage users to enter their email address (and might also prompt for SSO login if this is configured). On entering a valid email address, a One Time Password (OTP) code is sent via email and the user is asked to enter it in the web page. If a valid code is entered then we have a verified email identity for the user. The user can later return to the app, enter their email address, confirm an OTP and then pick up where they left off in the journey with their data securely loaded.

1. Browser Events

WW apps emit events that can be consumed by your analytics tools (Google Analytics, Adobe Analytics etc). Documentation is provided for each app.

2. SSO login

As described above, we can easily integrate your Identity Provider via SAML 2.0 or Open ID Connect (OIDC) to allow seamless login between your Customer Web Portal and WW apps.

3. Frontend API access

You may have Javascript apps running in the browser in your Customer Web Portal. and you would like these apps to interact with WW APIs. For users who are not logged in to your Customer Web Portal, some WW apps may provide APIs that are suitable for anonymous access. For logged in users, your apps can be configured to call secure WW APIs. API documentation is provided for each WW app.

4. Backend API access

Your server-side systems can interact with certain WW APIs. There are two modes:

  • User access. Your system is interacting with WW APIs within an authenticated user session. You can invoke WW APIs with a customer bearer token.
  • System access. Your system is interacting with WW APIs outside of a user session, e.g. to get aggregated statistics on your customers' use of WW apps. You can invoke APIs with a tenant bearer token.

Full documentation is provided on how to set up secure API calls.

5. Backend Data Events

WW apps can push data to your systems when certain events occur - typically when a customer has completed a journey. We define an API interface in which the WW app can push data to an HTTP endpoint in your systems.

6. Monthly Customer Activity Report

We will send you a monthly data report with rich data and visualisations describing how your user populations have interacted with Wealth Wizards applications.

Previous
Introduction