import express from 'express';

const app = express();
const PORT = 8080;

async function generateVeltAuthToken(userId) {
  const url = "https://api.velt.dev/generateveltauthtoken";
  const body = {
    data: {
      userId: userId, // Unique user id of your user
      apiKey: "YOUR_VELT_API_KEY",
      authToken: "YOUR_CLIENT_AUTH_TOKEN", // Get this token from console.velt.dev
      userProperties: {
        groupId: "YOUR_USER_GROUP_ID", // If groupId is provided here then we will validate it with the groupId used in the identify call
        isAdmin: true, // Set to true if you want to set user as admin
      }
    },
  };

  try {
    const response = await fetch(url, {
      method: "POST",
      headers: {
        "Content-Type": "application/json",
      },
      body: JSON.stringify(body),
    });

    if (!response.ok) {
      throw new Error(`HTTP error! status: ${response.status}`);
    }

    const data = await response.json();
    return data?.result?.data?.token;
  } catch (error) {
    console.error("Error:", error);
  }
}

app.get('/generate-velt-jwt-token', async (req,res) => {
    const veltAuthToken = await generateVeltAuthToken(req.body.userId)
    res.json(veltAuthToken)
})

app.listen(PORT, () => {
  console.log(`JWT Server listening on port ${PORT}`);
});

Overview

JWT Tokens is an optional feature to add additional authentication security to our client.identify() method to prevent user impersonation.

1

Enable JWT Tokens in your console

Go to https://console.velt.dev and enable the toggle for Require JWT Token. The toggle is listed at the very bottom of the page.

JWT Tokens won’t work unless you enable it in your console.
2

Create a server endpoint for generating and sending JWT Tokens to the client

Create a server endpoint that will be used to generate and send a JWT Token to the client.

Example server endpoint code:

app.get('/generate-velt-jwt-token', async (req,res) => {
    const veltAuthToken = await generateVeltAuthToken(req.body.userId)
    res.json(veltAuthToken)
})
3

Generate a JWT Token from your server

In your server endpoint, call our https://api.velt.dev/generateveltauthtoken endpoint to generate a JWT Token.

Example server code:

async function generateVeltAuthToken(userId: string) {
  const url = "https://api.velt.dev/generateveltauthtoken";
  const body = {
    data: {
      userId: userId, // Unique user id of your user
      apiKey: "YOUR_VELT_API_KEY",
      authToken: "YOUR_CLIENT_AUTH_TOKEN", // Get this token from console.velt.dev
      userProperties: {
        groupId: "YOUR_USER_GROUP_ID", // If groupId is provided here then we will validate it with the groupId used in the identify call
        isAdmin: true, // Set to true if you want to set user as admin
      }
    },
  };

  try {
    const response = await fetch(url, {
      method: "POST",
      headers: {
        "Content-Type": "application/json",
      },
      body: JSON.stringify(body),
    });

    if (!response.ok) {
      throw new Error(`HTTP error! status: ${response.status}`);
    }

    const data = await response.json();
    return data?.result?.data?.token;
  } catch (error) {
    console.error("Error:", error);
  }
}

Request Body for https://api.velt.dev/generateveltauthtoken:

To get your Auth Token that is required for your request body, read here.

FieldRequiredDescription
apiKeyYesVelt API Key
authToken YesAuth Token from the Velt console
userId YesUnique user id of the user
userProperties.groupIdNoIf groupId is provided, it will be validated with the groupId used in the identify call. Recommended if you are setting groupIds
userProperties.isAdminNoSet to true if you want to set user as admin. This is the only way to set a user as an admin User
{
  "data": {
    "apiKey": "YOUR_API_KEY", //Velt API Key
    "authToken": "YOUR_AUTH_TOKEN", // Auth Token from the Velt console
    "userId": "yourUserId", // unique user id of the user you are generating a JWT Token for
    "userProperties": {
        groupId: "YOUR_USER_GROUP_ID", // If groupId is provided here then we will validate it with the groupId used in the identify call
        isAdmin: true, // Set to true if you want to set user as admin
    }
  }
}

Success Response for https://api.velt.dev/generateveltauthtoken:

{
  "result": {
    "status": "success",
    "message": "Token generated successfully.",
    "data": {
      "token": "YOUR_JWT_TOKEN"
    }
  }
}

Failure Response for https://api.velt.dev/generateveltauthtoken:

{
  "error": {
    "message": "Auth token not found.",
    "status": "INVALID_ARGUMENT"
  }
}

Make sure to generate the JWT Token from your server, not your client. Otherwise, your JWT Token will not be secure.
4

Call your server endpoint from your client to pass your JWT Token to your client

Call your server endpoint from your client to pass your JWT Token to your client.

  const yourJWTToken = await callToYourServerToGetJWTToken(userId)
5

Pass the JWT Token to client.identify()

Once the JWT Token is generated, you can pass it into the client.identify() method. The client.identify() method has an optional second parameter that takes in a configuration object that includes the JWT Token as a field.

  const yourJWTToken = await callToYourServerToGetJWTToken(userId)
  client.identify(user, {
    authToken: yourJWTToken,
  });
6

Your All Done!

You are all done! Now you have added an additional level of security with JWT Tokens.

import express from 'express';

const app = express();
const PORT = 8080;

async function generateVeltAuthToken(userId) {
  const url = "https://api.velt.dev/generateveltauthtoken";
  const body = {
    data: {
      userId: userId, // Unique user id of your user
      apiKey: "YOUR_VELT_API_KEY",
      authToken: "YOUR_CLIENT_AUTH_TOKEN", // Get this token from console.velt.dev
      userProperties: {
        groupId: "YOUR_USER_GROUP_ID", // If groupId is provided here then we will validate it with the groupId used in the identify call
        isAdmin: true, // Set to true if you want to set user as admin
      }
    },
  };

  try {
    const response = await fetch(url, {
      method: "POST",
      headers: {
        "Content-Type": "application/json",
      },
      body: JSON.stringify(body),
    });

    if (!response.ok) {
      throw new Error(`HTTP error! status: ${response.status}`);
    }

    const data = await response.json();
    return data?.result?.data?.token;
  } catch (error) {
    console.error("Error:", error);
  }
}

app.get('/generate-velt-jwt-token', async (req,res) => {
    const veltAuthToken = await generateVeltAuthToken(req.body.userId)
    res.json(veltAuthToken)
})

app.listen(PORT, () => {
  console.log(`JWT Server listening on port ${PORT}`);
});