This guide is the second installment in a three-part series on integrating the Reditus Referral Program In-App Widget. In this section, we focus on generating a JWT so each user’s referral activity is linked to the correct account. Authentication is handled on your backend to ensure your product secret remains private.

Overview

A JWT is used to identify the user when the widget loads. The product secret from Reditus is critical for signing this token and should never be exposed in front-end code. Instead, you will generate the token on your server and pass it to your client.

Examples

const { SignJWT } = require("jose");

app.post("/referral-program/generate-token", async (req, res) => {
  const SECRET = "YOUR_PRODUCT_SECRET";
  const PRODUCT_ID = "YOUR_PRODUCT_ID";
  const userId = req.body.userId; // e.g., from request payload

  try {
    const secretKey = new TextEncoder().encode(SECRET);
    const token = await new SignJWT({
      ProductId: PRODUCT_ID,
      UserId: userId,
      iat: Math.floor(Date.now() / 1000),
    })
      .setProtectedHeader({ alg: "HS512", typ: "JWT" })
      .sign(secretKey);

    return res.json({ token });
  } catch (error) {
    return res.status(500).json({ error: "Token generation failed" });
  }
});
You can generate JWTs in virtually any language or framework using popular libraries: jwt.io/libraries

Parameters

ParameterTypeDescription
SECRETstringRequired. The product secret obtained from your Reditus dashboard. Must never be exposed on the client side.
PRODUCT_IDstringRequired. The unique product identifier from the Reditus configuration.
USER_IDstringRequired. Your internal user identifier (e.g., database ID) that will be tied to referral data.
tokenPayloadobjectPayload for the JWT. In this example, includes ProductId, UserId, and iat.
tokenPayload.iatnumberThe current time in seconds (issued at). Ensures the token creation time is recorded.

Usage

  1. Generate this token on your backend using the product secret and product ID.
  2. Send the token to your frontend (e.g., via an API response).
  3. Use the token in the auth_token parameter of the gr("loadReferralWidget", ...) (detailed in Loading the Widget).

Next steps

Final Step: Continue to Showing the Widget Modal to learn how to present the referral interface to users.