Membrane Token

Membrane Token Authentication

Membrane Token authentication uses Membrane's built-in token system for authentication. This is typically used for internal connectors or services that are aware of Membrane.

Membrane Token authentication is useful for:

  • Services that are specifically designed to work with Membrane
  • Testing and development scenarios

Configuration

In your spec.yml:

auth:
  type: membrane-token

With this authentication method, Membrane adds authentication headers to all requests to your API. Each header carries a JSON Web Token signed with the Workspace Secret. The token contains the following claims:

  • iss - Issuer, will be the key of the workspace the integration runs in.
  • sub - Subject, will be the ID of the user who owns the integration being run.
  • fields - Fields of the user who owns the integration being run.

Headers

When using membrane-token authentication, Membrane sends two headers for backward compatibility:

  • X-Membrane-Token - The new, correctly named header (recommended)
  • X-Integration-App-Token - Legacy header (for backward compatibility)

Both headers contain the same JWT.

You can decode and verify either token to authenticate the request:

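import jwt from 'jsonwebtoken'

// headers: the incoming request's headers (lower-cased names, as Node.js provides them)
function verifyMembraneToken(headers) {
  // Use the new header (recommended); fall back to the legacy one
  const token = headers['x-membrane-token'] || headers['x-integration-app-token']
  const workspaceSecret = process.env.WORKSPACE_SECRET
  if (!token || !workspaceSecret) throw new Error('missing token or WORKSPACE_SECRET')

  // Verify token (throws if the signature does not match)
  const decoded = jwt.verify(token, workspaceSecret)
  // decoded will contain: { iss, sub, fields }
  return decoded
}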
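
An added example, not from Membrane's documentation: the same check written with Node's built-in crypto so it runs without dependencies, pinning the algorithm, rejecting requests whose two headers disagree, and comparing iss with the workspace key you expect. It assumes the token is HS256-signed (the page does not name the algorithm); pickToken, authenticate, makeSampleToken and expectedWorkspaceKey are hypothetical names.

```javascript
// Added example, not Membrane's code.
// Assumption: the token is an HS256 JWT (HMAC-SHA256 keyed with the Workspace Secret).
const { createHmac, timingSafeEqual } = require('node:crypto')

const b64url = (buf) => Buffer.from(buf).toString('base64url')
const sign = (data, secret) => createHmac('sha256', secret).update(data).digest()

// Prefer the new header, fall back to the legacy one. Rejecting a request whose
// two headers disagree is a defensive choice of this example, not a documented rule.
function pickToken(headers) {
  const current = headers['x-membrane-token']
  const legacy = headers['x-integration-app-token']
  if (current && legacy && current !== legacy) throw new Error('header mismatch')
  const token = current || legacy
  if (typeof token !== 'string') throw new Error('missing token')
  return token
}

function authenticate(headers, workspaceSecret, expectedWorkspaceKey) {
  const parts = pickToken(headers).split('.')
  if (parts.length !== 3) throw new Error('malformed token')
  const [h, p, s] = parts
  const header = JSON.parse(Buffer.from(h, 'base64url').toString('utf8'))
  // Pin the algorithm; never let the token choose it (rejects "none", RS256, ...).
  if (header.alg !== 'HS256') throw new Error('unexpected alg')
  const expected = sign(`${h}.${p}`, workspaceSecret)
  const given = Buffer.from(s, 'base64url')
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    throw new Error('bad signature')
  }
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString('utf8'))
  // exp is checked only if present; the page lists iss, sub and fields.
  if (claims.exp !== undefined && claims.exp <= Date.now() / 1000) throw new Error('expired')
  if (claims.iss !== expectedWorkspaceKey) throw new Error('wrong workspace')
  return claims
}

// Builds a constructed sample token for testing (made-up secret and claims).
function makeSampleToken(claims, secret, alg = 'HS256') {
  const h = b64url(JSON.stringify({ alg, typ: 'JWT' }))
  const p = b64url(JSON.stringify(claims))
  return `${h}.${p}.${b64url(sign(`${h}.${p}`, secret))}`
}
```

In a real connector, pass the request's headers, the Workspace Secret and your own workspace key to authenticate, and treat any thrown error as an unauthenticated request.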

Migration from Integration App Token

If you're migrating from integration-app-token authentication:

  1. Update your connector spec to use type: membrane-token
  2. Optional: Update your code to read from the X-Membrane-Token header instead of X-Integration-App-Token
  3. The X-Integration-App-Token header will continue to be sent for backward compatibility

Legacy Support

For backward compatibility, connectors using the deprecated integration-app-token type will continue to work and will only receive the X-Integration-App-Token header.