Authenticating the User
Generate a JSON Web Token (JWT) to securely associate referral data with individual users.
This guide is the second installment in a three-part series on integrating the Reditus Referral Program In-App Widget. In this section, we focus on generating a JWT so each user’s referral activity is linked to the correct account. Authentication is handled on your backend to ensure your product secret remains private.
Overview
A JWT is used to identify the user when the widget loads. The product secret from Reditus is critical for signing this token and should never be exposed in front-end code. Instead, you will generate the token on your server and pass it to your client.
Examples
You can generate JWTs in virtually any language or framework using popular libraries: jwt.io/libraries
Parameters
| Parameter | Type | Description |
|---|---|---|
SECRET | string | Required. The product secret obtained from your Reditus dashboard. Must never be exposed on the client side. |
PRODUCT_ID | string | Required. The unique product identifier from the Reditus configuration. |
USER_ID | string | Required. Your internal user identifier (e.g., database ID) that will be tied to referral data. |
tokenPayload | object | Payload for the JWT. In this example, includes ProductId, UserId, and iat. |
tokenPayload.iat | number | The current time in seconds (issued at). Ensures the token creation time is recorded. |
Usage
- Generate this token on your backend using the product secret and product ID.
- Send the token to your frontend (e.g., via an API response).
- Use the token in the auth_token parameter of the
gr("loadReferralWidget", ...)(detailed in Loading the Widget).
Next steps
Final Step: Continue to Showing the Widget Modal to learn how to present the referral interface to users.