Authentication And Security

Exchange a JWS/JWE Token for a Xano Auth Token

Back to videos

Summary

In this step-by-step guide, we'll walk through the process of decoding the token received from Memberstack and translating it into a Xano token. This will enable secure authentication and authorization for your web or mobile application using the Xano platform.

Step 1: Decode the Memberstack Token

First, you need to decode the token you're receiving from Memberstack. This can be done using the `JWSD` function in Xano.

  1. In the Xano dashboard, navigate to the `Security` section and click on `JWSD`.
  2. Set the `JWT Token` input to the token you received from Memberstack.
  3. Copy the public key from the Memberstack documentation by clicking on "Find public keys" and copying the content between `-----BEGIN PUBLIC KEY-----` and `-----END PUBLIC KEY-----`.
  4. Paste the public key into the `Public Key` field in Xano.
  5. Set the `Signature` to `RS256`.
  6. Click `Save`.

Now, you should see the decoded token output, including the user's name, email address, and Memberstack ID.

Step 2: Store User in the Database

Next, you'll want to store the user in your Xano database for future reference.

  1. Create a new table (e.g., `users`) in your Xano project to store user information.
  2. Add the relevant fields to the table, such as `name`, `email`, and `memberstackID`.
  3. Insert a new record into the `users` table, using the decoded token information from the previous step.

Step 3: Generate Xano Token

With the user information stored in your Xano database, you can now generate a Xano token for authentication and authorization purposes.

  1. In the Xano dashboard, navigate to the `Security` section and click on `Auth Token`.
  2. Set the `Table` to the table you created for storing user information (e.g., `users`).
  3. Set the `ID` to the ID of the user record you just created.
  4. Set the `Expires` field to specify the token's expiration time (e.g., `1h` for one hour).
  5. Click `Save`.

You should now see the generated Xano token in the output.

Step 4: Use the Xano Token

Finally, you can use the generated Xano token for authentication and authorization purposes in your application.

  1. If you have any locked-down endpoints in your Xano project, you can pass the Xano token in the `Authentication` header to access them.
  2. Alternatively, you can use the Xano token in your frontend application to make authenticated requests to your Xano APIs.

By following these steps, you've successfully decoded the Memberstack token, stored the user information in your Xano database, and generated a Xano token for secure authentication and authorization purposes.

This transcript was AI generated to allow users to quickly answer technical questions about Xano.

Was this helpful?

I found it helpful

I need more support
Recommended videos

View all videos

How Authentication Works
Authentication And Security

How Authentication Works

To-do App Build Along (PART 2): Logging in and Authenticated Requests
Authentication And Security

To-do App Build Along (PART 2): Logging in and Authenticated Requests

Rate Limit Password Inputs
Authentication And Security

Rate Limit Password Inputs

Sign up for XanoSign up for Xano

Build without limits on a secure, scalable backend.

Unblock your team's progress and create a backend that will scale for free.

Start building for free