Paragon
Home
Search…
Paragon
Paragon Connect
Home
Start a Free Trial
Quickstart Sample App
Getting Started
Introduction
Installing the Connect SDK
Adding an Integration
Displaying the Connect Portal
Customizing the Connect Portal
Workflows
Building Workflows
Triggering Workflows
Integration Actions
Workflow User Settings
Making API Requests
Using Functions
Using Conditionals
Using Fan Out
Viewing Task History
Auto-Retries
Version History
API
Using the Connect API
API Reference
Resources
Integration Providers
Custom Integrations
JavaScript Libraries
Paragon User Token Generator
Tutorials
Building a Salesforce Integration
Building a HubSpot Integration
Building a Marketo Integration
Managing Your Account
Inviting Team Members
Security
Security
GDPR
Service Level Agreement
What's new in Paragon
Powered By GitBook
Installing the Connect SDK

SDK Installation

You can install the Paragon SDK into your site with a small snippet of JavaScript:
JavaScript
1
<script type="text/javascript" src="https://cdn.useparagon.com/latest/sdk/index.js"></script>
Copied!
This should go anywhere in the <head> element of your site, wherever you include external scripts.
The Paragon SDK gives you access to the Paragon global, which you can access as window.paragon or simply paragon.

Setup

Before using the Paragon SDK, you'll need to set up your application to verify the identity of your users to the SDK.
Paragon verifies the identity of your users using the authentication system you're already using, including managed services like Firebase Authentication, Auth0, and MemberStack. Some backend code may be required if your application implements its own sign-in and registration.
If your application implements its own authentication backend, follow the steps in Setup with your own authentication backend.
If you use a managed authentication service like Firebase Authentication or Auth0, follow the steps in Setup with a managed authentication service.

Setup with your own authentication backend

If you use your own backend server to manage authentication, you'll first need to complete the following steps:

1. Generate a Paragon Signing Key

To generate a Signing Key, go to Settings > Signing Keys in your Paragon dashboard. You should store this key in an environment secrets file.
For security reasons, we don’t store your Private Key and cannot show it to you again, so we recommend you download the key and store it someplace secure.

2. Generate a Paragon User Token

Next, you'll need to generate a Paragon User Token for each of your authenticated users. To do this, you'll need a library in your target language to sign JWTs with RS256. You can find one in your language at https://jwt.io/.
If your application is a fully client-rendered single-page app, you may have to create and use an additional API endpoint to retrieve a signed JWT (or reuse an existing endpoint that handles authentication or user info).
The signed JWT/Paragon User Token minimally must include the sub, iat, and exp claims:
JavaScript
1
{
2
// Uniquely identifying key for a user
3
"sub": "the-user-id",
4
​
5
// Issue timestamp, should be the current time
6
"iat": 1608600116
7
​
8
// Expiry timestamp for token, such as 1 hour from time of signature (iat)
9
"exp": 1608603716
10
}
Copied!

Just for testing: Generating one-off JWTs

Use the Paragon JWT Generator to generate test JWTs for your development purposes. In production, static tokens should never be used.

3. Call paragon.authenticate()

You'll call paragon.authenticate in your view with a JWT signed by your backend using the library chosen in Step 2. This JWT is the Paragon user token.
1
await paragon.authenticate(
2
// You can find your project ID in the Overview tab of any Integration
3
"38b1f170-0c43-4eae-9a04-ab85325d99f7",
4
​
5
// See Setup for how to encode your user token
6
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.ey..."
7
);
Copied!
The paragon.authenticate function is Promiseable and resolves when the SDK has successfully authenticated your user. Note that other functions, like paragon.connect, may not work as expected until this Promise has resolved.
​
Example Implementation: A Node.js and Express app using Handlebars view templating
    1.
    Adding middleware to sign the JWT and include it in the response context
    1
    // server.js - Adding middleware to sign an authenticated user's token
    2
    const jwt = require('jsonwebtoken');
    3
    ​
    4
    app.use((req, res, next) => {
    5
    if (!req.user) {
    6
    return next();
    7
    }
    8
    // JWT NumericDates specified in seconds:
    9
    const currentTime = Math.floor(Date.now() / 1000);
    10
    res.locals({
    11
    paragonToken: jsonwebtoken.sign(
    12
    {
    13
    sub: req.user.id,
    14
    iat: currentTime,
    15
    exp: currentTime + (60 * 60), // 1 hour from now
    16
    },
    17
    process.env.PARAGON_SIGNING_KEY,
    18
    {
    19
    algorithm: "RS256",
    20
    }
    21
    ),
    22
    });
    23
    next();
    24
    });
    Copied!
    2.
    Use the paragonJwt set in context within the view template, with a call to paragon.authenticate:
    1
    // layout.hbs - Include paragon.authenticate call in the view template
    2
    <body>
    3
    <script type="text/javascript">
    4
    paragon.authenticate("project-id", "{{ paragonToken }}").then(() => {
    5
    // paragon.getUser() will now return the authenticated user
    6
    });
    7
    </script>
    8
    </body>
    Copied!

Setup with a managed authentication service

Managed authentication is not currently represented in the options for Signing Keys in your Paragon project settings. You'll need to send us a support message or have been on an onboarding call with us to use a managed authentication service with Paragon.
Since Paragon uses a JSON Web Token (JWT) to encode and validate user identity, many managed services will already have a token that you can pass directly to Paragon.
Firebase Authentication
Auth0
MemberStack
The Firebase ID token can be used directly as the Paragon user token.
You can get a Firebase ID token from the JavaScript client-side library with:
1
firebase.auth().currentUser.getIdToken(true).then(async function(idToken) {
2
await paragon.authenticate("project-id", idToken);
3
})
Copied!
The Auth0 ID token can be used directly as the Paragon user token.
Auth0 provides comprehensive docs on retrieving the ID token in various contexts. An example of this, using their single page app SDK:
1
auth0.getIdTokenClaims().then((claims) => {
2
await paragon.authenticate("project-id", claims.__raw);
3
});
Copied!
If you're using Auth0 with Paragon, please email us at [email protected] with your Auth0 tenant name so we can enable support on your account.
The MemberStack token can be used directly as the Paragon user token.
You can use MemberStack.getToken to retrieve the MemberStack token, as explained in their docs.
1
MemberStack.onReady(() => {
2
await paragon.authenticate("your project ID", MemberStack.getToken());
3
});
Copied!
Getting Started - Previous
Introduction
Next - Getting Started
Adding an Integration
Last modified 2mo ago
Copy link
Contents
SDK Installation
Setup
Setup with your own authentication backend
Setup with a managed authentication service