Enable single sign on for your customers with JSON Web Token

If you have a website and your customers already have user accounts in that app, you can allow your customers to login to your HappyFox Support Centre using JSON Web Token(JWT). This eliminates the need for your customers to have another set of passwords to remember and makes it seamless for them to view their support tickets or to raise new ones from your web app.

You can find more information about JWT here.

This integration option is only available on our Fantastic and Enterprise subscription plans.

Setting up JWT integration in HappyFox

You can find the JWT integration settings in Manage -> Integrations -> JSON Web Token

Enter the following details, 
- Remote Login URL:  This is the URL the client will be redirected to, if he/she logs into your HappyFox Support Centre.
- Remote Logout URL: This is the URL the client will be redirected to, once he/she logs out of your HappyFox Support Centre. 
- Key: The Key field will be prepopulated with a 32 character alphanumeric string
- Client Redirect URL: This is the URL to which your authentication system must redirect the client to after login.

Once the feature is enabled, the login link in your Support Centre will redirect the user to the Remote Login URL specified above. Similarly, when the user logs out, they will be redirected to the Remote Logout URL.

Setting up your JWT implementation

To authenticate a user, you need to send the following values to HappyFox as part of your JWT request. Please learn more about how to make a valid JWT request from jwt.io

  • iat - Stands for Issued At. This is the time when the token was generated, this is used to help ensure that a given token gets used shortly after it's generated. The value must be the number of seconds since UNIX epoch.
  • jti - Stands for JSON Web Token ID. A unique id for the token, used to prevent token from being used multiple times (replay attacks).
  • name - Name of the user logging in. 
  • email - Email address of the user logging in.

These values need to be encoded with the HS256 algorithm with the Secret Key that you get from the JWT integrations page in your HappyFox account as mentioned above. Once the payload is encoded, redirect the user to https://<accountname>.happyfox.com/jwt/?token=<payload>

Once HappyFox validates the payload, it will log the user into the Support Centre with the specified name/email. 

Note: The JWT token is valid for 120 seconds from HappyFox side. If the redirect from the customer application takes longer than this, for some reason, an error like this will be seen - "Remote token has expired".