Articles on: Developer FAQ

Can I use Magic with JWT?

Yes! You can simply use Magic for authentication, and your own JWT implementation for authorization.

Here's high-level how JWT would work with Magic:

User logs in with Magic, you're returned the DID token
Validate the DID token in your backend with our admin-sdk magic.token.validate(did) method
Call our admin-sdk method magic.user. getMetadataByToken(did) to grab the user's unique ID and email address
Store that data inside a JWT token and then move forward with your JWT implementation
On subsequent requests to your server, just verify the JWT

For example:

The client-side magic.user.getMetadata() while I'm logged in returns:

  "issuer": "did:ethr:0xB6fA0Cc4Af592e4405Aea2bDc53676b6Bd13A3E2",
  "publicAddress": "0xB6fA0Cc4Af592e4405Aea2bDc53676b6Bd13A3E2",
  "email": ""

Wrapped in a JWT, that is:

Just enter that JWT on to see it decoded back into the metadata object.

View our guide on this here

Updated on: 05/04/2021

Was this article helpful?

Share your feedback


Thank you!