Authentication Flow

Document Engine uses the JSON Web Token (JWT) format for authentication. Your backend signs a JWT asserting that the holder of the token is allowed to access a given document. Next, it passes the JWT to your client apps that use PSPDFKit for Android, iOS, and Web. Your app then passes its token to Document Engine to prove it has access to the claimed document.

The JSON Web Token (JWT) is signed with a private key on your server and verified with the public key on Document Engine.