Generate a JWT token-based account setup link for parents to use their Passport Portal credentials instead of Google or Facebook.
Audience: ✅District Admin
In this article
If parents in your district have requested the ability to use their Passport Portal credentials instead of logging in with Google or Facebook, you will need to generate a JWT token-based account setup link and send it to them.
JWT (JSON Web Token) is a widely used method for secure user authentication in web applications. This article guides you in generating a JWT token for a user to authenticate to the Parent Portal with their School Passport credentials. JWT token consists of three parts:
- Header: Сontains metadata about the token, such as the algorithm used for signing.
- Payload: Сontains the claims or the JSON object.
- Signature: Ensures the token's integrity and verifies it hasn't been falsified.
To learn more about a JWT token structure, see JSON Web Signature (JWS).
Encoding a JWT token produces representation in this order Header.Payload.Signature separated with period ('.') characters. JWT encoding example:
Before you begin
Sync parents' data. This ensures that all relevant information is up-to-date.
Step 1. Request OAuth API credentials
To generate a JWT token, required OAuth API user credentials, such as Client ID and Client Secret. To obtain these credentials, please contact GG4L Support and request them.
Step 2. Create a JWT token
- Access jwt.io debugger.
- On the Algorithm, select HS256.
- In the Payload add Client ID, Contact GUID, and expiration time and issued time of JWT token.
The following code shows an example of JWT Payload.
- iss (“Issuer”): The issuer of the claim used to identify the application. Use “jwtp.gg4l.com”.
- sub: Client ID.
- exp ("Expiration"): The timestamp when the token stops being valid, specified as seconds since 00:00:00 UTC, January 1, 1970. The maximum lifetime of a token is 24 hours.
- iat (“Issued At”): The timestamp when the token was created, specified as seconds since 00:00:00 UTC, January 1, 1970.
- guid: Contact`s GUID.
- In the Verify signature, enter Client Secret.
Your encoded JWT token is successfully generated.
Step 3. Create a link
After creating a JWT token, proceed to modify it to a URL. To do so, select and copy the encoded JWT token and append it to the following URL:
Please send a resulting URL to a parent/guardian so that they can configure their Parent Portal account.