JWT Token as authentication in Front End Flows
This page outlines how you set up the Fast Track Front End Javascript Library using a JWT Token that you have generated on your side.
The benefit of using JWT Token with Fast Track Front End Javascript Library is:
- You don't need to spend development time building the /authenticate endpoint in your Operator API.
- The authentication flow will be quicker.
- There will be less requests against your Operator API.
Step 1: Generate the token
Start with generate the JWT token to be used with Fast Track On Site flow. It should be generated using official JWT practices which can be read about here https://jwt.io/ and here https://jwt.io/introduction.
Add a claim in the JWT for the user_id as well.
Example JWT Token payload claims:
After you have signed your JWT Token with a 256-bit secret, share the secret with Fast Track so that the integrity of the token can be validated on Fast Track side.
The JWT Token needs to be generated server side and returned to the front end upon login.
Step 2: Make use of the token in the on site notifications javascript library set up
When you are setting up the Fast Track Front End Javascript library you need to tell it that the token provided is a JWT Token. You can also select how the Fast Track Javascript Library should pick up the JWT Token; either by reading it from `window.sid` variable, or picking it up from local storage.
Below is bare minimum configuration required:
Token location
The token location can be specified above as shown. If you don't set the property tokenLocation, the JWT token will instead be read from window.sid. If you want to change the key of the local storage, then you should modify the second part in the string, after the punctuation. Like so: local_storage.custom_jwt_location.
Auto init
If you are running with autoInit : false then you can provide the JWT token as first parameter in the init function, like below: