JWE token SSO (Upcoming)

Single Sign-On implementation using JWE tokens allows your users to seamlessly access Melio's services without separate authentication steps.

By bypassing server-to-server communication, JWE token authentication allows quicker integration and faster loading times.

Implementation Steps

1. Get an encryption key from the partner portal

  • Log in to our Partner Portal using the credentials provided to you
  • Go to the Api and webhooks section and retrieve your "JWE encryption public key" (it should start with -----BEGIN PUBLIC KEY-----)
  • Go to the App setting section and retrieve your partnerName

2. Create an onboarding payload for your user

Collect the user information into a JSON object that will be encrypted. You can see the specification in the embedding-api reference.

Minimum required data:

const onboardingPayload = {
  user: { id: "us142664", email: "jhon.doe@gmail.com" },
  company: { id: "ac51512" },
};

3. Create a JWE token on the backend

On your server, generate an encrypted token:

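const jose = require("jose"); // jose is a robust and secure JWE library
const crypto = require("crypto");

// publicKeyPem should be the key from step #1, including -----BEGIN PUBLIC KEY-----
async function createJweToken(onboardingPayload, publicKeyPem) {
  // Parse the PEM text into a key object (a separate name avoids reading the variable before it is initialized)
  const publicKey = crypto.createPublicKey(publicKeyPem);

  // RSA-OAEP-256 wraps the one-time content key; A256GCM encrypts the JSON payload
  return new jose.CompactEncrypt(
    new TextEncoder().encode(JSON.stringify(onboardingPayload)),
  )
    .setProtectedHeader({ alg: "RSA-OAEP-256", enc: "A256GCM" })
    .encrypt(publicKey);
}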

4. Use the token for authentication

Pass the generated JWE token when embedding Melio.