Users and Authentication
If you want to remember Users and their Data, you need to generate User Token use pass it with SDK and REST API.

Generate User Token

We use the JSON Web Tokens (JWT). To generate a token, you need to:
Go to App Settings in the Integration Console and grab your app's Key and Secret
Get a library that can sign JSON Web Tokens. You can find a bunch of them at
Sign a token using your app's Secret as a signing key and your app's Key as issuer. This way we'll know which app the user is coming from.
Add the following data to the token:
  • id - an unique ID of your user.
  • name - optional user's name. It is used to make finding users in Console easier.
  • fields - any data you want to associate with the user, like user's credentials required to call your API. See more in the "User Fields" and section below.
import jwt from 'jsonwebtoken'
const USER_TOKEN = jwt.sign(
fields: {
apiKey: "afd591f0-b06c-4819-a70d-e57026c99e8b"
issuer: APP_KEY,
expiresIn: 7200
Important! Generate tokens on your servers. Never expose your app's Secret to user's browser and client-side applications - it will lead to bad things happening.

Add User Access Token to API Calls

While using SDK, you can pass the User Token to the init method:
IntegrationApp.init({userAccessToken: USER_TOKEN})
Alternatively, you can pass userAccessToken directly to the SDK methods:
userAccessToken: USER_TOKEN
If you make API requests to the engine directly, add the User Token to the Authorization header:
Authorization: Bearer <USER_TOKEN>

User Fields

When you want to associate data with your users, you should use User Fields. You can configure the list of fields on the Settings page in Console:
User Fields Schema in Console
After you configure Fields Schema, you can start using fields in configuring Flows, App Events, and in other places like this:
The most common use of User Fields is providing credentials for to access your API on behalf of the current user. For example, if you are importing objects from a third-party app, you want to send the objects to your API at the end of the flow. To do this:
  1. 1.
    Add API Key (or whichever credentials your API accepts) to User Fields Schemea
  2. 2.
    Add the field to the JWT Access Token you generate for this user.
  3. 3.
    Use User > Fields > Api Key variable in HTTP Request node configuration (usually in Headers).
Copy link
Generate User Token
Add User Access Token to API Calls
User Fields