Authentication

Depending on the use case, there are three ways to authenticate:

• For calls to Clevergy Connect API, you must use the API Key.
• For integration with microfrontends, you must use the JWT.
• For accessing the entire webview via URL, you can use the Login with Token method.

Authentication with API Key

Whe calling to Clevergy Connect API, you have to use your API key. You need to write to your CSM, and we will provide you with the API key of your environment.

To use the API, you will only need to add this header to your calls:

--header 'clevergy-api-key: AIzaSyBntS2wwTsq03-8lZnkeriuhbiunwdlm2Nh8n4Oc'// Example token

API key security

Store your API key somewhere safe where you won't lose or reveal it. It is something important in security terms. If you lose it, ask to revoke the current one and generate a new one.

Authentication with JWT

For those microfrontends that need to fetch data from our API, you have to provide a JTW token. The following diagram explains the basic architecture of the solution.

• Your App: This is the client that will hold all your code with Clevergy's microfrontends. It will be responsible of holding all the frontend code of the project both your code and Clevergy's microfrontends.

• Your API: Your API should live in a server. It will hold your API key and therefor shoul not be accesible to the end user. Your API will be a secure proxy between Clevergy's API and your app to deliver safely the JWT.

• Clevergy Connect API: Clevergy's Connect API has all the information needed to run and manage all microfrontends. This API can be accesed directly from your application using a user JWT to perform certain operations on behalf of the user.

To obtain the JWT token, you have to use your API key calling to Get user access token method of Connect API.

API key security

Don't expose your API key to the end user. It should be stored in a secure place and used by your API to fetch the JWT.

Those microfrontends that need authentication will have a data-token parameter that you have to set with the JWT token.

Authentication example

<clevergy-module-name data-token="your-jwt-token" />

Token expiration

After 1 hour, the token expires, so you do need to create another new one.

Not all modules need authentication, so check the modules catalog to see if the module you are interested in needs authentication.

Authentication login with token

This method allows accessing the entire webview by passing a JWT directly in the URL. To use this method, you will need your specific tenant name ({tenant_name}). Please contact us to obtain your assigned tenant name.

Paste the JWT in the URL:

• URL format: Use the following structure, replacing {tenant_name} with your assigned tenant name and your-jwt-token with your actual JWT:

  https://{tenant_name}.clever.gy/login-with-token?token=your-jwt-token

info

Replace {tenant_name} with the actual name provided to you

• Example JWT:

  eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJodHRwczovL2lkZW50aXR5dG9vbGtpdC5nb29nbGVhcGlzLmNvbS9nb29nbGUuaWRlbnRpdHkuaWRlbnRpdHl0b29sa2l0LnYxLklkZW50aXR5VG9vbGtpdCIsImV4cCI6MTY3NTg3ODQyMiwiaWF0IjoxNjc1ODc0ODIyLCJpc3MiOiJwdWJsaWMtZnJvbnQtYmFja0BjbGV2ZXJneS5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsInN1YiI6InB1YmxpYy1mcm9udC1iYWNrQGNsZXZlcmd5LmlhbS5nc2VydmljZWFjY291bnQuY29tIiwidGVuYW50X2lkIjoiaGFzdGVlLWU4MGJ3IiwidWlkIjoieWV0eXZ0eFZWaGc0bDBhSUZiSGZndDR2WFJTMiJ9.f4ZDtjdNsPslcgmCjZ_1GC3H5n9hOxFF0C1fWOLytGgGrrVR-84ARqNXPoSgV0sSWbdgr6PBwbBAcsBqmIIsCSjDN9CqOiB2Qt8x4jmGrARdawtsvy09PePAkaKQjawcemttf6vU8qbIFCfOCGfYBj8VPtuJs03t7i_urZalYk4-MFArcwYmHU_e_NJUR2ws5Wo5Pg0N4Vu-XdRpnMiGxQbsBOsXerVOp2Lii10cP7W3TYbxusJK1-103JeerVwBEEVrxjO_QNRaZzcKfEdTZxzZ2SKxw71jwBph-WFYqhV1HeYxAAnt3b9zQ4LCBPfB9ia4L5QuEnmdeDmDNmLMRg

• Example of combined URL + JWT (using 'example-tenant' as {tenant_name}):

  https://example-tenant.clever.gy/login-with-token?token=eyJhbGciOiJSUzI1NiJ9.eyJhdWQiOiJodHRwczovL2lkZW50aXR5dG9vbGtpdC5nb29nbGVhcGlzLmNvbS9nb29nbGUuaWRlbnRpdHkuaWRlbnRpdHl0b29sa2l0LnYxLklkZW50aXR5VG9vbGtpdCIsImV4cCI6MTY3NTg3ODQyMiwiaWF0IjoxNjc1ODc0ODIyLCJpc3MiOiJwdWJsaWMtZnJvbnQtYmFja0BjbGV2ZXJneS5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsInN1YiI6InB1YmxpYy1mcm9udC1iYWNrQGNsZXZlcmd5LmlhbS5nc2VydmljZWFjY291bnQuY29tIiwidGVuYW50X2lkIjoiaGFzdGVlLWU4MGJ3IiwidWlkIjoieWV0eXZ0eFZWaGc0bDBhSUZiSGZndDR2WFJTMiJ9.f4ZDtjdNsPslcgmCjZ_1GC3H5n9hOxFF0C1fWOLytGgGrrVR-84ARqNXPoSgV0sSWbdgr6PBwbBAcsBqmIIsCSjDN9CqOiB2Qt8x4jmGrARdawtsvy09PePAkaKQjawcemttf6vU8qbIFCfOCGfYBj8VPtuJs03t7i_urZalYk4-MFArcwYmHU_e_NJUR2ws5Wo5Pg0N4Vu-XdRpnMiGxQbsBOsXerVOp2Lii10cP7W3TYbxusJK1-103JeerVwBEEVrxjO_QNRaZzcKfEdTZxzZ2SKxw71jwBph-WFYqhV1HeYxAAnt3b9zQ4LCBPfB9ia4L5QuEnmdeDmDNmLMRg

Token expiration

After 1 hour, the token expires, so you do need to create another new one.

Access Granted

Pasting the complete URL (with your valid tenant name {tenant_name} and token) into your browser will grant you access to the webview.