Introduction

Nuclei Marketplace Integration Example

How to integrate:

Copy both minified functions below into your website
Use generateDeviceId() to create a device ID for your token generation API
Pass the same device ID to launchNucleiMarketplace()
Replace generateYourToken() with your bank's token generation
Set the provided partner key

Important: You must use the same device ID for both your token generation API call and the marketplace launch.

Available Categories:

Device ID Generator Function (Copy this):

function generateDeviceId() {
    const rand = crypto.randomUUID().replace(/-/g, "").substring(0, 8);
    const ts = Date.now().toString(36);
    const ua = btoa(navigator.userAgent).substring(0, 8);
    const scr = btoa(`${screen.width}x${screen.height}`).substring(0, 6);
    return `${rand}${ts}${ua}${scr}`.substring(0, 44);
  }

Marketplace Launcher Function (Copy this):

function launchNucleiMarketplace(e, t, d, p, deviceId, w) { const g = deviceId || generateDeviceId(), r = { temp_token: t, device_id: g, partner_key: p, deeplink: d }, u = { 0: 'https://nuclei-mwa-dev.gonuclei.com', 1: 'https://nuclei-mwa-uat.gonuclei.com', 2: 'https://nuclei-mwa-production.gonuclei.com' }, v = { 0: 'web', 1: 'v2-0', 2: 'v2-0' }, f = document.createElement('form'); f.method = 'POST'; f.action = `${u[e]}/commons-base/${v[e]}/commons/marketplace`; f.target = w?.name ?? '_blank'; f.style.display = 'none'; Object.entries(r).forEach(([n, val]) => { const i = document.createElement('input'); i.type = 'hidden'; i.name = n; i.value = val; f.appendChild(i); }); document.body.appendChild(f); f.submit(); document.body.removeChild(f); }

Complete Integration Code:

<script>
// Device ID Generator Function
function generateDeviceId() {
    const rand = crypto.randomUUID().replace(/-/g, "").substring(0, 8);
    const ts = Date.now().toString(36);
    const ua = btoa(navigator.userAgent).substring(0, 8);
    const scr = btoa(`${screen.width}x${screen.height}`).substring(0, 6);
    return `${rand}${ts}${ua}${scr}`.substring(0, 44);
  }

// Marketplace Launcher Function
function launchNucleiMarketplace(e, t, d, p, deviceId, w) { const g = deviceId || generateDeviceId(), r = { temp_token: t, device_id: g, partner_key: p, deeplink: d }, u = { 0: 'https://nuclei-mwa-dev.gonuclei.com', 1: 'https://nuclei-mwa-uat.gonuclei.com', 2: 'https://nuclei-mwa-production.gonuclei.com' }, v = { 0: 'web', 1: 'v2-0', 2: 'v2-0' }, f = document.createElement('form'); f.method = 'POST'; f.action = `${u[e]}/commons-base/${v[e]}/commons/marketplace`; f.target = w?.name ?? '_blank'; f.style.display = 'none'; Object.entries(r).forEach(([n, val]) => { const i = document.createElement('input'); i.type = 'hidden'; i.name = n; i.value = val; f.appendChild(i); }); document.body.appendChild(f); f.submit(); document.body.removeChild(f); }

// Your bank's configuration
const PARTNER_KEY = 'provided-partner-key-here';
const ENVIRONMENT = 2; // 0=dev, 1=uat, 2=production

// Replace this with your bank's token generation
async function generateYourToken(deviceId) {
    // IMPORTANT: Use the same deviceId in your token generation API call
    // Your token generation logic here
    return 'your-secure-token-here';
}

// Function to launch any category
async function launchNucleiCategory(deepLink) {
    try {
        // Generate device ID first
        const deviceId = generateDeviceId();
        
        // Use the same device ID for token generation
        const token = await generateYourToken(deviceId);
        const tabName = "nuclei_tab_" + Date.now();
        const newTab = window.open("", tabName);
        try{
            if (!newTab) {
              alert("Please enable pop-ups in your browser to continue.");
              return;
            }    
            // Launch marketplace with the same device ID
            launchNucleiMarketplace(ENVIRONMENT, token, deepLink, PARTNER_KEY, deviceId);
        }catch (error) {
            newTab.close();
            console.error("Error launching marketplace:", error);
        }
    } catch (error) {
        console.error('Failed to launch Nuclei Category:', error);
        alert('Unable to launch Nuclei Category. Please try again.');
    }
}
</script> 

Note

To generate a token, please refer to this document :
https://developer.gonuclei.com/getting-started/seamless/temp-token/overview

Function Parameters:

generateDeviceId()
  Returns: string - A unique browser fingerprint

launchNucleiMarketplace(environment, token, deepLink, partnerKey, deviceId, nucleiTab)
 // environment: 0=dev, 1=uat, 2=production
 // token: Secure Temp token  
 // deepLink: Category ('flights', 'hotels', 'giftcard', 'events', 'bus')
 // partnerKey: Your provided partner key
 // deviceId: Device ID from generateDeviceId() as used for token generation
 // nucleiTab: Open a tab with a unique name and pass

Environment Values:

0 = Development
1 = UAT
2 = Production

Available Deep Links:

'flights' – Flight booking
'hotels' – Hotel booking
'giftcard' – Gift card purchase
'events' – Events/Experiences booking
'bus' – Bus ticket booking

Important Notes :

Device ID Consistency: The bank must use the same device ID for both your token generation API call and the marketplace launch.

Browser Support

Chrome 63+
Firefox 53+
Safari 13+
Edge 79+

Method Size

Device ID Generator: ~280 bytes
Marketplace Launcher: ~610 bytes
Combined minified: ~890 bytes
Gzipped: ~450 bytes

These functions are framework-agnostic and work with any website - React, Vue, Angular, vanilla HTML/JavaScript, etc.

Security Considerations

Token encryption
Token expires after first use
Bank controls signature creation
HTTPS enforced for all endpoints
Browser fingerprinting
Secure HTTP only cookie storage

Nuclei Marketplace Integration Example​

How to integrate:​

Available Categories:​

Device ID Generator Function (Copy this):​

Marketplace Launcher Function (Copy this):​

Complete Integration Code:​

Function Parameters:​

Environment Values:​

Available Deep Links:​

Important Notes :​

Browser Support​

Method Size​

Security Considerations​