Wix Answers Help Center
Developers: Authenticating Users With the Widget
Use an authentication function in your widget:
- To embed a widget in your site that contains knowledge base articles that only logged-in users can access.
- To have logged-in users to be able to contact you with their identity verified.
Enable SSO Authentication
You must first enable SSO Authentication while customizing your widget's advanced settings.
Overview
To authenticate a user, the client code that embeds the widget on your site must request a token for this user from your server. Your server verifies the identity of the user through whichever method you currently use and then requests a token for this user from the Wix Answers auth REST API. This request is secured using your Wix Answers Api Key and Api Secret. When your client code receives the token it is passed to the Widget using an SDK method.
In accordance with web security best practices, the token that our auth API provides is short lived and is only valid for 5 minutes. Therefore, rather than passing a single token to the widget, you must supply a function to the widget that returns a promise that resolves to the token. The Widget gets a new token whenever necessary.
In accordance with web security best practices, the token that our auth API provides is short lived and is only valid for 5 minutes. Therefore, rather than passing a single token to the widget, you must supply a function to the widget that returns a promise that resolves to the token. The Widget gets a new token whenever necessary.
Code example
Was this article helpful?