For decision trees that have proprietary content, Zingtree offers a means to make the flows and data in these trees private. By ticking “Require login via user credentials or API Key” in the Settings tool for any tree, you can restrict access to just the following methods:

  • Authorization Header with API Key
  • Basic Authentication (username:password)
  • Logged-in Agent or Author

Here’s how to enable authentication in the Settings tool:

You can see sample code for all three options on this demo page.

Authorization Header with API Key

In this example, your API Key is passed into the header via X-APIKEY. Here’s JQuery code that shows how this is done with one of the Zingtree demo Gallery trees:

function show_apikey() {
   $.ajax({
      type: "GET",
      url: "https://zingtree.com/deploy/tree.php?z=embed&tree_id=589132969",
      beforeSend: function (xhr) {
      xhr.setRequestHeader("X-APIKEY", "6a103737e44e4aa6e1e4b6b0bcb46f83")
      },
      success: function (data) {
         var iframeDoc = document.querySelector('#myiframe').contentWindow.document;
         iframeDoc.open('text/html', 'replace');
         iframeDoc.write(data);
         iframeDoc.close();
      }
   });

}

Substitute for your own tree ID and API Key for the bolded items.

Basic Authentication

The Basic Authentication standard requires a base 64 encoded username:password sent in the header, as demonstrated in this JQuery code:

function show_basic_auth() {
    $.ajax({
        type: "GET",
        url: "https://zingtree.com/deploy/tree.php?z=embed&tree_id=589132969",
        beforeSend: function (xhr) {
            xhr.setRequestHeader("Authorization", ""Basic c2hlcnlsLmFnZW50QG15Y29tcGFueS5jb206YWdlbnQx")
        },
        success: function (data) {
            var iframeDoc = document.querySelector('#myiframe').contentWindow.document;
            iframeDoc.open('text/html', 'replace');
            iframeDoc.write(data);
            iframeDoc.close();
        }
    });

}

For this demo tree, the username:password is sheryl.agent@zingtree.com:agent1. The part after “Basic” is the base64 encoded username:password.

Make sure to use your own Tree ID.

 

Logged-in User

The final way to access trees set as Make Private is to just be logged in as an agent or author in the organization which contains your tree. You would launch the tree with the standard hosted URL or embedded iFrame code, or just like so:

function show_normal() {
    $.ajax({
        type: "GET",
        url: "https://zingtree.com/deploy/tree.php?z=embed&tree_id=589132969",
        success: function (data) {
            var iframeDoc = document.querySelector('#myiframe').contentWindow.document;
            iframeDoc.open('text/html', 'replace');
            iframeDoc.write(data);
            iframeDoc.close();
        }
    });

}

Like the above examples, be sure to use your own Tree ID.