SaaSBox
Search
K

APIs to fetch tokens

JWT fetching with Next.js

post
https://yourapp.saasbox.net
/api/user-token-otc
JWT fetching
Use case:
This API call fetches a JWT token with the user data structure using a one time code (OTC). This is typically used to start a user session on a standalone application living in yourapp.domain.com.
  1. 1.
    User logs in at yourapp.saasbox.net
  2. 2.
    User is redirected to yourapp.domain.com where your application lives.
  3. 3.
    yourapp.domain.com application uses the OTC in the query parameters, the SaaSBox application ID and api key to make this request, fetch the JWT and start a user session.
  4. 4.
    The above is handled by the package sbox-auth-next for NextJS.

JWT fetching with Bubble or Retool

post
https://yourapp.saasbox.net
/api/userByOTC
Fetches user data by OTC
Use Case:
If you develop an application that is embedded inside SaaSBox (E.g. using Retool, Bubble, others or a plain React code embed), the OTC passed to your application in the query parameters is used for receiving back the user data for the embed.
How it works:
  1. 1.
    Nocode application is configured to make this API call back to SaaSBox (e.g. using API builder tool that is typically available inside the nocode tool, see our examples)
  2. 2.
    The nocode application is embedded as an iframe inside the SaaSBox user dashboard
  3. 3.
    SaaSBox passes an OTC to the embed url as a ?otc=<otc> query parameter
  4. 4.
    The application then reads the query parameter and uses it as a body argument to make this call back to SaaSBox
  5. 5.
    The nocode application receives the per-user data, such as user name, email, profile picture, but also and most importantly, the user's subscription plan details.
See our guides on Retool, Bubble, Appsmith to learn more about this use case.