Skip to main content

Integration in a third party back office

This document outlines a general workflow for integrating the LHC back office directly into third-party systems.

For most use cases, we recommend generating a login link to avoid modifying the source code.

Integrating a Login Link

This is the preferred integration method. It provides the user with a simple link that automatically opens and logs them into the LHC back office.

Auto login instructions.

Integrating via iFrame

For versions 4.51 and later:

Using https is mandatory. Ensure you modify the settings.ini.php file and not the settings.ini.default.php file.

The following actions occur when you change the allow_iframe_domain value:

header("Content-Security-Policy: frame-ancestors 'self' ". (self::$validIframeDomains === false ? '' : self::$validIframeDomains));

This results in the following HTTP header:

Content-Security-Policy: frame-ancestors 'self' https://example.com;"

After changing allow_iframe, the cookie policy is updated to:

@ini_set('session.cookie_samesite', 'None');
@ini_set('session.cookie_secure', true);

If you are also using PHP sessions, you can change php_session_cookie_name to something like lhc_session_id.

Location: https://github.com/LiveHelperChat/livehelperchat/blob/da2815e5e5715594ef819a21da211d086061b58a/lhc_web/settings/settings.ini.default.php#L23

For versions 4.51 and earlier:

The principle is similar to how the Chrome extension works.