Secure client authentication with JWT for web apps
Instant sync and collaboration is available when using Web SDK with Document Engine. For more information, refer to the operational mode guide.
When using Web SDK with Document Engine, your client needs to authenticate itself with your running Document Engine instance. To do this, you need to generate a JSON Web Token (JWT). In most cases, your own backend application will generate a JWT that’s sent to your users.
Quick start
// Client-side: Load with Instant sync enabledNutrientViewer.load({ container: "#viewer", serverUrl: "https://your-document-engine.example.com", documentId: "your-document-id", authPayload: { jwt: yourJwtToken }, instant: true}) .then((instance) => { console.log("Connected to Instant sync"); }) .catch((error) => { console.error("Failed to connect:", error.message); });JWT structure
Your JWT must include the required claims for Document Engine authentication. For detailed information on JWT payload structure, required claims, and how to generate valid tokens, see Generate a JWT.
Your users then use the JWT your app supplied to authenticate themselves with Nutrient Web SDK, which will then return only the data the user is allowed to see. In general, a JWT will give the user access to a specific document and Instant layer combination. If you’re using Collaboration Permissions, the JWT can also control which actions the user can take and which resources the user can see.
If you’re having trouble generating valid JWTs, we have a guide that shows you how to validate JWTs using the Document Engine dashboard.