Overview
Modify your Widget Configuration
Instead of directly adding your API key to the widget configuration on the frontend, you can point your widget to a backend URL that will handle all the sensitive operations. This way, the API key remains safely stored on your server, and the widget communicates with your backend.
Your widget configuration will now include a backendUrl
like this:
Sign-In Routes
The Sign-In Routes section explains how to securely manage user authentication using either sessions or JWT tokens. This includes generating a nonce for signing messages, verifying the user’s signature, and managing user sessions.
Sign In RoutesSubname Management Routes
The Subname Management Routes section demonstrates how to securely manage subnames, including adding and revoking subnames through backend APIs. These routes handle all API key operations on the server side, ensuring that users can claim or revoke subnames without exposing sensitive data in the frontend.
Subname Management RoutesFull Implementation
For a complete setup, the Full Implementation merges both the Sign-In and Subname Management Routes into a single backend service. This provides a unified solution for handling user authentication and subname management in a secure and scalable manner, using JWT tokens to manage user sessions and JustaName SDK for interacting with the JustaName infrastructure.
Full ImplementationLast updated