search

Single Sign-On (SSO)

SSO allows you to automatically connect a user to Gyfti from an external application using a JWT token generated via the API.

hashtag
Automatic Authentication

This method allows an external application to automatically log a user into Gyfti without requiring them to create an account or manually sign in.

The steps:

  1. The application generates a user JWT token using the Gyfti API.

  2. The application redirects the user to Gyfti with this token.

  3. Gyfti automatically authenticates the user.

hashtag
Get your API Key

Before generating a token, you must retrieve your Gyfti API key.

  1. Log in to your Gyfti account

  2. Go to the Settings page

  3. Copy your API key

⚠️ This key is used to authenticate your API requests. It must remain confidential and should only be used on the server side.

hashtag
1. Generate a user token

For each user you want to automatically log in, you must first generate a secure JWT token.

Send a POST request to the following endpoint:

hashtag
Headers

hashtag
Body

hashtag
Parameters

Parameter
Description

email

User email address

companyName

Name of your company on Gyfti

firstName

User first name

lastName

User last name

hashtag
Example using cURL

hashtag
Example response

The token field is the JWT you will use to log the user in.

hashtag
2. Redirect the user to Gyfti

Once the token is generated, redirect the user to the following URL:

Example:

hashtag
3. Automatic authentication

When the user arrives at this URL:

  1. Gyfti verifies the token

  2. The user is automatically created if they do not already exist

  3. The user is logged into their Gyfti workspace

No manual action is required from the user.

hashtag
Integration flow

💡 Tip

For security reasons:

  • Generate the token server-side

  • Never expose your API key in client-side code

PreviousRetrieve new orders and pool update

Last updated