All Collections
Versions 3.0 and 2.0
Implement
Portal 3.0
Advanced Signing and Security with Portal 3.0
Advanced Signing and Security with Portal 3.0
Elisa Dinsmore avatar
Written by Elisa Dinsmore
Updated over a week ago

This article is for Flatfile's Portal 3.0. If you'd like to check out the latest version of the Flatfile Data Exchange Platform, click here!

Portal 3.0 has the ability to use the JWT to configure signed environment variables for workspaces. You can use these variables to:

  • add signatures to increase security

  • keep track of and store information about uploads

  • pass tokens or data from your page for use inside Flatfile Data Hooks (for example, a user ID or an API authentication token)


To use this feature, add a new variable, env, inside of the code for JWT token generation. A successful implementation of this feature would look something like this:

app.post("/auth-flatfile", async (req, res) => {
const token = jwt.sign(
{
embed: EMBED_ID,
user: {
/** YOUR USER INFO HERE */
},
org: {
/** YOUR ORG INFO HERE */
},
// Here you can add whatever you want to send to your Data Hooks
env: {
foo: "Foo",
bar: "Bar",
},
},
PRIVATE_KEY,
);

res.send({ token });
});

Within the env variable, you can add one or more key-value pairs. You may sign the content of the env separately or choose not to sign the content of the env variable and simply rely on the parent token signature.

After you have added a variable to env in the JWT token signature, you can access the key-value pair using a Data Hook that references session.env.


For example, if you included a value for a variable named “mytoken” in env, your env key-value pair would look like mytoken: "anystring" and you could access the mytoken value using a Data Hook referencing session.env.mytoken.

Did this answer your question?