Custom JWT Authentication Provider
Developers can integrate login with their own existing JWT tokens. That way users don’t have to login on MirrorWorld platform, but can directly use 3rd party login system.
3rd party can issue and sign JWT on their own servers. After that JWT can be included in Authorization header with requests to MirrorWorld API.
Authorization: 'Bearer <3rd party issued token>'
Custom JWT Authentication Provider has to provide an API endpoint, which can be used to verify tokens that were issued by it. Endpoint has to take a header with authorization token, and return HTTP 200 if token passes verification.
Under each project in developer dashboard, 3rd party developer can register JWT token verification endpoint. Endpoint will be used to verify JWT tokens issued by the custom JWT authentication provider.
User is identified by email field inside the JWT token payload. Email inside the token must equal the email used when registering user on the project.
To register a user on the project, 3rd party developer can use endpoint: https://api.mirrorworld.fun/v2/auth/project-login
More details on how to use endpoint can be found in API documentation
Edit this page on GitHub