This is the documentation for the JWT Authentication Handshake. The steps for setting up the JWT Personalization Handshake are slightly different.

If you don’t have a dashboard, or if you want to keep your dashboard and docs completely separate, you can use your own login flow to authenticate users via a JWT in the URL.

Implementation

1

Generate a private key

Go to your Mintlify dashboard settings and generate a private key. Store this key somewhere secure where it can be accessed by your backend.

2

Create a login flow

Create a login flow that does the following:

  • Authenticate the user
  • Create a JWT containing the authenticated user’s info in the UserInfo format
  • Sign the JWT with the secret key, using the EdDSA algorithm
  • Create a redirect URL back to the /login/jwt-callback path of your docs, including the JWT as the hash
3

Configure your Authentication settings

Return to your Mintlify dashboard settings and add the login URL to your Authentication settings.

Example

I want to set up authentication for my docs hosted at docs.foo.com. I want my docs to be completely separate from my dashboard (or I don’t have a dashboard at all).

To set up authentication with Mintlify, I go to my Mintlify dashboard and generate a JWT secret. I create a web URL https://foo.com/docs-login that initiates a login flow for my users. At the end of this login flow, once I have verified the identity of the user, I create a JWT containing the user’s custom data according to Mintlify’s specification. I use a JWT library to sign this JWT with my Mintlify secret, create a redirect URL of the form https://docs.foo.com/login/jwt-callback#{SIGNED_JWT}, and redirect the user.

I then go to the Mintlify dashboard settings and enter https://foo.com/docs-login for the Login URL field.

Here’s what the code might look like:

Was this page helpful?

Password HandshakeOAuth 2.0 Handshake