Log in using a JWT

Deprecated docs

The developer portal beta is approaching end of life.

Use Realm and Reunite instead. Read the migration guide.

You can use a JWT endpoint to seamlessly log users into a portal from your app.

Prerequisites

  1. Configure an OIDC identity provider.

    It doesn't have to be a real identity provider, but it should implement jwks_uri. Example of a minimal OIDC config:

    {
      "response_types_supported": [
        "token id_token"
      ],
      "jwks_uri": "https://example.com/.well-known/jwks.json",
      "issuer": "https://example.com/auth"
    }

  2. Enable OIDC auth for the portal.

    In the portal access settings, enable OIDC auth. If your portal is public, then select Allow login with OIDC.

Login flow

Sign a JWT ID token and redirect the user to the following URL:

https://<your-portal-url>/_auth/oidc#id_token=<id-token>

Replace <your-portal-url> with the deployment URL of your portal (it can also be a custom domain) and <id-token> with the generated token.

Requirements for the token:

  • The issuer field MUST match the one configured in IdP settings.
  • The token MUST have both email and sub claims.
  • The alg MUST be RS256.
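
The following Node.js sketch is an added example, not code from the portal or its docs. It signs an ID token that meets the three requirements above, builds the JWKS document to serve at jwks_uri, and builds the login URL. The key id, the iat/exp claims, the 60-second lifetime and all function names are assumptions made for the example.

```javascript
// Added example, not the portal's code: sign an RS256 ID token and build the login URL.
const crypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');

// Constructed demo key pair. In a real app the private key lives in a secret store and
// only the public half is published at the jwks_uri named in the OIDC config.
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const KID = 'demo-key-1'; // hypothetical key id (assumption)

// JSON document to serve at jwks_uri.
function buildJwks() {
  const { kty, n, e } = publicKey.export({ format: 'jwk' });
  return { keys: [{ kty, n, e, kid: KID, use: 'sig', alg: 'RS256' }] };
}

// iat/exp and the 60 s lifetime are assumptions; the page requires only iss, sub, email.
function signIdToken({ issuer, sub, email, ttlSeconds = 60 }) {
  if (!issuer || !sub || !email) throw new Error('iss, sub and email are required');
  const now = Math.floor(Date.now() / 1000);
  const header = { alg: 'RS256', typ: 'JWT', kid: KID };
  const claims = { iss: issuer, sub, email, iat: now, exp: now + ttlSeconds };
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  // RSA-SHA256 with the default PKCS#1 v1.5 padding is RS256.
  return `${input}.${b64url(crypto.sign('RSA-SHA256', Buffer.from(input), privateKey))}`;
}

function loginUrl(portalUrl, idToken) {
  return `${portalUrl.replace(/\/+$/, '')}/_auth/oidc#id_token=${idToken}`;
}

// Local pre-flight check of the page's three token requirements, using only the
// published JWKS. Returns the claims, or null if the token would not qualify.
function checkToken(token, jwks, expectedIssuer) {
  const [h, p, s] = token.split('.');
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  const jwk = jwks.keys.find((k) => k.kid === header.kid);
  if (header.alg !== 'RS256' || !jwk) return null;
  const key = crypto.createPublicKey({ key: { kty: jwk.kty, n: jwk.n, e: jwk.e }, format: 'jwk' });
  const sig = Buffer.from(s, 'base64url');
  if (!crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), key, sig)) return null;
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  return claims.iss === expectedIssuer && claims.sub && claims.email ? claims : null;
}
```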