Cobrowse.io Docs
  • Getting started
  • SDK Installation
    • Web
    • iOS
    • Android
    • React Native
    • Flutter
    • .NET Mobile
    • macOS
    • Windows
  • SDK Features
    • Account config
    • Identify your devices
    • Use 6-digit codes
    • Redact sensitive data
    • Viewing PDFs
    • Universal Cobrowse
    • Customize the interface
      • Active session controls
      • 6-digit code screen
      • User consent dialog
      • Remote control consent dialog
      • Full device consent dialog
      • Localization / translation
    • Initiate sessions with push
    • Listening for events
    • Full device capabilities
      • Full device screen sharing
      • Full device remote control
      • Managing full device mode
    • Advanced configuration
      • Starting and stopping the SDK
      • Declaring capabilities
      • Intercepting mobile SDK network requests
      • Web
        • IFrames support
        • IE 11 polyfills
        • Cross-domain session support
        • Ignore Views
      • iOS
        • Alternate render method
        • Custom touch handling
      • Android
        • Backporting TLS to older Android versions
  • Agent-side integrations
    • Agent-side overview
    • Platform integrations
      • Zendesk
      • Salesforce
        • Migrating from legacy to v2
        • Salesforce (Legacy)
      • Genesys
        • Genesys Cloud
        • Engage Workspace Web Edition (WWE)
        • Engage Workspace Desktop Edition (WDE)
      • Intercom
      • Freshworks
      • Talkdesk
      • NICE
    • Custom integrations
    • Agent SDK
      • API Reference
      • Sample code snippets
    • Authentication (JWTs)
      • JWT Policies
    • Authentication (SAML 2.0)
    • IFrame embeds
  • Enterprise self-hosting
    • Self-hosting overview
    • Docker Compose
    • Helm chart
      • Image Pull Secret
      • Environment Variables
      • Optional recording components
      • Pod Annotations
    • AWS terraform
      • AWS metrics configuration
    • Azure terraform
      • Azure metrics configuration
    • GCP terraform
      • GCP metrics configuration
    • Sizing guidelines
    • Running your instance
      • Adding a superuser
      • Limiting account creation
      • Limiting magic link recipients
      • Configuring SMTP
      • Managing your deployment
    • Monitoring your instance
      • Available metrics
      • Self-Hosted Prometheus
    • Advanced configuration
      • Air gap configuration
      • Pin web SDK version
      • L7 firewall configuration
      • Docker proxy configuration
    • Troubleshooting
Powered by GitBook
On this page
  • Overview
  • Generate the JWT
  • Step-by-step guidance

Was this helpful?

  1. Agent-side integrations

Authentication (JWTs)

Learn how to generate JSON Web Tokens (JWTs) for automatic authentication when using the Agent JS API and/or IFrame embeds.

PreviousSample code snippetsNextJWT Policies

Last updated 9 months ago

Was this helpful?

Overview

JSON Web Tokens (JWTs) can be used for automatic authentication when using the and/or . For example, adding a JSON Web Token (JWT) as a query parameter allows the IFrame embed to load with the specified user already logged in.

There's no need to create the specified user ahead of time - this is all done automatically through use of JWTs.

Generate the JWT

The JWT is a token that carries information about which account it is, and who the specified user is. It is cryptographically signed by a RS256 private key on your backend. You will share with us the associated public key in your so that we can verify the request is from you and auto-authenticate the specified user to your account.

Want to know more about JWTs? See for the standard, open source libraries in many languages and more!

The JWT you create and sign should contain the following claims:

Claim

Description

iat required

Issued at time - this should be the time you created the JWT.

exp required

Expiry time - after this time we won't accept this JWT any more. How long JWTs you create last for is up to you, but we would recommend expiring them no more than a day after creation for security purposes.

aud required

Audience - must always be https://cobrowse.io.

iss required

sub required

Subject - The email of the support agent that you'd like to auto-authenticate. User will be automatically created if it does not yet exist.

displayName optional

Agent Display Name - The name of the support agent (may be displayed to the end user).

role optional

policy optional

Your sub and displayName claims are used for audit trail purposes. Along with the policy claim, they also scope agent access to your end-user's devices/information. This means that setting these claims as shared values between users is not recommended.

Follow these steps to generate your JWT:

  2. Keep the private key safe, and do not change the public key in the JWT SSO text box.

Step-by-step guidance

Issuer - Should be the license key for your Cobrowse account which can be found at .

User role - 'administrator' or 'agent'. Used for admin-level API calls, e.g. .

Policy - Optionally limit the scope of the JWT (e.g. limiting which devices can be listed and connected to). See the for more details.

Generate an RS256 key pair by clicking the "Generate" button in the .

Sign your claims object using your private key downloaded from step 1. Find a range of JWT signing libraries at . (Video guide below.)

Add the JWT as a query parameter to the , or pass it to the .

We recorded a video showing the complete steps to generate a RS256 private key, use it to sign a JSON object with the required claims, and use it as a query parameter to automatically authenticate the specified user. Hope it is helpful!

We also recorded a video showing how to use the JWT Policy claim to restrict the scope of the JWT to a filtered set of devices.

Agent JS API
IFrame embeds
account settings
https://jwt.io/
integration settings page
https://jwt.io/
IFrame source URL
Agent JS API
https://vimeo.com/812858694/dae42aa64a
https://www.youtube.com/watch?v=LCNEtzMv5U0
account settings
listing active sessions
docs on policies