Client Authentication in PSPDFKit Instant

The JSON Web Token (JWT) is signed with a private key on your server and verified with the public key on PSPDFKit Server.

When using PSPDFKit for Web Server-Backed, your client needs to authenticate itself with your running PSPDFKit Server instance. To do this, you need to generate a JSON Web Token (JWT). In most cases, your own backend application will generate a JWT that’s sent to your users.

Your users then use the JWT your app supplied to authenticate themselves with PSPDFKit for Web, which will then return only the data the user is allowed to see. In general, a JWT will give the user access to a specific document and Instant layer combination. If you’re using Collaboration Permissions, the JWT can also control which actions the user can take and which resources the user can see.

If you’re having trouble generating valid JWTs, we have a guide that shows you how to validate JWTs using the PSPDFKit Server dashboard.