Follow the steps below to set up a token-pass integration for your SSO.
JWT Integration Flow: Step-by-Step
- User Authentication: The user logs into the native app using their standard credentials. The app's backend generates a secure, short-lived authentication token (e.g., a JWT).
- Webview Initialization with Header: When the user navigates to the Tradable Bits campaign, the native app opens a webview pointing to the provided campaign URL. The app must inject a custom HTTP header into this request containing the authentication token.
  - Endpoint Example: https://tradablebits.com/tb_native/<page_tab_id>
  - Required Header: Authorization: Bearer <user_auth_token>
- Token Reception & Validation: The Tradable Bits server receives the request, extracts the <user_auth_token> from the Authorization header, and initiates a validation check.
- Server-to-Server User Verification: Tradable Bits' backend makes a secure, server-to-server API call to a dedicated endpoint on the [native app] backend. This is not a call to the user's app. The purpose of this call is to exchange the temporary token for trusted user details.
  - [Native App] Responsibility: You must provide a secure backend endpoint (e.g., https://api.nativeapp.com/validate_token) for Tradable Bits to call.
  - Request: Tradable Bits will send the <user_auth_token>.
  - Response: If the token is valid, your endpoint should return a JSON object with the required user data (see field list below).
- Web Session Creation: Upon successful validation, Tradable Bits creates a standard web session cookie for its domain within the webview. This keeps the user logged in for the duration of their interaction with the campaign.
- Campaign Display: The campaign loads with the user's information (First Name, Email, etc.) pre-populated in the form fields. These fields will be hidden from the user to create a seamless entry flow. If TBits auth/login is enabled in the campaign, the session should allow a full bypass of the login.
Note: If the Tradable Bits Authentication solution is used in the native app, the app can provide the tb_auth_session cookie in the X-TBITS-SESSION header. TBits will write code to support it accordingly.
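The check behind the validate_token endpoint from the server-to-server step, as an added example that is not Tradable Bits' or the page's own code. Assumptions not stated on the page: HS256-signed tokens, the claim names, the 5-minute lifetime cap, the constructed user store, and the response field names.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: HS256 key held only by the app backend
AUDIENCE = "tradablebits"            # assumption: token is minted for this one consumer
MAX_TTL = 300                        # assumption: "short-lived" capped at 5 minutes
USERS = {"u-1001": {"first_name": "Ada", "email": "ada@example.com"}}  # constructed data

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def sign(head, body):
    return hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()

def issue_token(claims):
    """Step 1: mint the token the app sends as 'Authorization: Bearer ...'."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{b64e(sign(head, body))}"

def validate_token(token, now=None):
    """Step 4: return (http_status, json_body) for the server-to-server call."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        if json.loads(b64d(head)).get("alg") != "HS256":  # pin alg; rejects "none"
            raise ValueError("alg")
        if not hmac.compare_digest(sign(head, body), b64d(sig)):  # constant-time
            raise ValueError("signature")
        claims = json.loads(b64d(body))
        iat, exp = claims["iat"], claims["exp"]
        if not (iat <= now < exp) or exp - iat > MAX_TTL:  # expired or too long-lived
            raise ValueError("lifetime")
        if claims.get("aud") != AUDIENCE:  # token minted for some other consumer
            raise ValueError("audience")
        # Look the user up server-side so no personal data travels in the token.
        return 200, dict(USERS[claims["sub"]])
    except Exception:  # every failure gets the same opaque answer
        return 401, {"error": "invalid_token"}
```

The HTTP routing around validate_token, and how the endpoint authenticates Tradable Bits as the caller, are not specified on the page and are left out here.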
Still have questions? Please contact support@tradablebits.com