If you have a website and your customers already have user accounts in that app, you can allow them to log in to your Nolt board using our Single Sign-On mechanism. This provides a more seamless experience for your users by eliminating the need for them to sign in to Nolt. You also know exactly who is posting and voting.
Navigate to your board → Settings → Identify users with SSO. Enter a value in the field SSO secret key. Remember, this key is secret. It should only be used from the server side of your application. Enable the integration.
To implement SSO, Nolt uses JSON Web Token (JWT). It's an open standard that describes a way of transmitting information between parties in a compact and secure JSON-based format. To make sure that the sender can be trusted, JWT uses a digital signature.
$ npm install --save jsonwebtoken
const jwt = require('jsonwebtoken');
function generateNoltToken(user) {
const payload = {
// The ID that you use in your app for this user
id: user.id,
// The user's email address that
// Nolt should use for notifications
email: user.email,
// The display name for this user
name: user.name,
// Optional: The URL to the user's avatar picture
imageUrl: user.imageUrl
}
return jwt.sign(payload, 'YOUR_SSO_SECRET_KEY', { algorithm: 'HS256' });
}
<!-- Nolt library -->
<script async src="https://cdn.nolt.io/widgets.js"></script>
<script>window.noltQueue=window.noltQueue||[];function nolt(){noltQueue.push(arguments)}</script>
<script>
nolt('identify', {
// Replace the placeholder with your JWT
jwt: '<THE_JWT_THAT_YOU_GENERATED_FOR_THIS_USER>'
});
</script>
<!--
Add the data-nolt attribute to enable SSO for this link.
Set data-nolt="modal" if you want to open the Nolt modal
instead of using the regular link behavior.
-->
<a data-nolt href="https://your-board.nolt.io">
Feedback
</a>
By default, Nolt uses its own authentication. If a user is not logged in, we'll ask them to create a Nolt account. If you want to disable this, and only use accounts from your app, you can do so by filling out the Remote login URL field in your SSO board settings. The following steps provide instructions on how to set up the SSO redirect flow on your side:
https://YOUR_BOARD.nolt.io/sso/JWT_FOR_THIS_USER?returnUrl=RETURN_URL
returnUrl
query parameter. Append that value to your SSO board URL. This tells us where to send users after they have been authenticated.Add a Remote logout URL if you want to redirect users to a specific URL after they log out from their Nolt account.