Creating and signing a JWT

JWTs are used to authenticate users from the Featurebase Messenger, widgets and the web portal through SSO.

Written By Bruno from Featurebase

Last updated 4 months ago

Creating a JWT

To create and sign a JWT:

  1. Start by getting your private key from Settings → Security → Get JWT Secret. Store it on your server and make sure not to share it with anyone!

  2. On your server, generate a JWT with your customer data using the example below.

Install required packages

Example
npm install --save jsonwebtoken

Generate the JWT

Example
const jwt = require("jsonwebtoken");

// IMPORTANT: NEVER EXPOSE ON CLIENT SIDE!!
const JWT_SECRET = "JWT_SECRET_VALUE";

function generateJWTToken(user) {
    const userData = {
        name: user.name,
        // Both email and userId should be provided when possible
        // At minimum, either email or userId must be present
        email: user.email,
        userId: user.id, 
        profilePicture: "https://example.com/images/yourcustomer.png",

        // Add any optional custom attributes - must be configured from settings to work        
        title: "Product Manager",
        plan: "Premium",
        number: "123",
 
        // Tags
        // tags: ["Tag name1"] // Optional - tag user with configured tag names

        // locale: "en", // optional, provide expected language for user
        
        // Optional fields
        companies: [
            {
                id: "987654321",           // required
                name: "Business Inc. 23",  // required
                monthlySpend: 500,         // optional
                createdAt: "2023-05-19T15:35:49.915Z", // optional
                // Add any optional custom attributes - must be configured from settings to work
                industry: "Fintech",
                location: "Canada",
            },
        ],
    };

    return jwt.sign(userData, JWT_SECRET, {
        algorithm: "HS256",
    });
}

Make sure you replace JWT_SECRET with the secret for your organization.

Testing if your generated JWT works

Now go to Settings → Security and validate your JWT. This will tell you if you’ve done everything correctly.

Important: Set up custom attributes

If you are adding custom attributes in the data, you must configure them first. Otherwise, they are not gonna show up and persist.

Please make sure to configure them by following this guide →

Next steps

That’s it! Now you can use the freshly generated JWT to authenticate users in Featurebase.

Please continue from the original guide that linked to this article to finish your installation.