Django
Django endpoint example for signing Jupid Embed tokens.
Use PyJWT to sign a short-lived token from an authenticated Django view.
Settings
import os

JUPID_EMBED_PARTNER_ID = "your-partner-id"
JUPID_EMBED_AUDIENCE = "jupid-embed"
# The signing secret comes from the environment, not from source control.
JUPID_EMBED_SECRET = os.environ["JUPID_EMBED_SECRET"]

Token endpoint
import time
import uuid

import jwt
from django.conf import settings
from django.contrib.auth.decorators import login_required
from django.http import JsonResponse


def build_jupid_payload(user):
    # Partner-specific data carried in the token's "payload" claim.
    return {
        "company_name": user.profile.company_name,
    }


@login_required  # only an authenticated session can obtain a token
def jupid_embed_token(request):
    now = int(time.time())
    user = request.user
    payload = {
        "iss": settings.JUPID_EMBED_PARTNER_ID,
        "aud": settings.JUPID_EMBED_AUDIENCE,
        "sub": str(user.pk),  # durable primary key, stable across requests
        "email": user.email,
        "name": user.get_full_name(),
        "payload": build_jupid_payload(user),
        "iat": now,
        "exp": now + 300,  # short-lived: expires after 5 minutes
        "jti": str(uuid.uuid4()),  # unique ID per token
    }
    token = jwt.encode(
        payload,
        settings.JUPID_EMBED_SECRET,
        algorithm="HS256",
        headers={"typ": "JWT"},
    )
    return JsonResponse({"token": token})

Frontend mount
<div id="jupid-embed" style="height: 100%; min-height: 720px"></div>
<script src="https://jupid-staging-app.example.com/embed.js"></script>
<script>
  async function openJupid() {
    const response = await fetch("/api/jupid/embed-token")
    const data = await response.json()
    JupidEmbed.mount({
      partnerId: "your-partner-id",
      token: data.token,
      container: document.getElementById("jupid-embed"),
      initialPath: "/",
      appUrl: "https://jupid-staging-app.example.com",
    })
  }
  openJupid()
</script>

Security checklist
- Protect the token endpoint with normal Django authentication.
- Keep JUPID_EMBED_SECRET server-only.
- Use the durable user primary key for sub.
- Send the same sub every time for the same partner user.
- Keep token expiration short.
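
The checklist above, expressed as a self-test a partner could run against tokens its own endpoint issues (an added example, not code from the original page or from Jupid). It uses only the standard library in place of PyJWT so it runs without dependencies; `sign_hs256`, `check_embed_token`, the 300-second lifetime cap and the one-time `jti` rule are assumptions of this example, not documented Jupid verification behaviour.

```python
import base64, hashlib, hmac, json, time

MAX_LIFETIME = 300  # seconds; matches "exp": now + 300 in the view above

def b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac(secret: bytes, signing_input: str) -> bytes:
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def sign_hs256(claims: dict, secret: bytes, alg: str = "HS256") -> str:
    """Stdlib stand-in for jwt.encode(); alg is overridable to build bad tokens."""
    head = b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    return f"{head}.{body}.{b64url(mac(secret, head + '.' + body))}"

def check_embed_token(token, secret, partner_id, audience, seen_jti, now=None):
    """Return the claims if every check passes, otherwise raise ValueError."""
    now = int(time.time()) if now is None else now
    head, body, sig = token.split(".")  # wrong segment count raises ValueError
    header = json.loads(unb64url(head))
    # Pin the algorithm on the checking side; never act on the header's choice.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("alg must be HS256")
    # Constant-time comparison of the received and recomputed HMAC.
    if not hmac.compare_digest(unb64url(sig), mac(secret, head + "." + body)):
        raise ValueError("bad signature")
    claims = json.loads(unb64url(body))
    if not isinstance(claims, dict):
        raise ValueError("claims must be a JSON object")
    if claims.get("iss") != partner_id or claims.get("aud") != audience:
        raise ValueError("wrong iss or aud")
    if not isinstance(claims.get("sub"), str) or not claims["sub"]:
        raise ValueError("sub must be a non-empty string")
    iat, exp = claims.get("iat"), claims.get("exp")
    if not isinstance(iat, int) or not isinstance(exp, int):
        raise ValueError("iat and exp must be integers")
    if exp <= now or iat > now or exp - iat > MAX_LIFETIME:
        raise ValueError("expired, future-dated, or lifetime too long")
    jti = claims.get("jti")
    if not jti or jti in seen_jti:  # assumed rule: each jti is accepted once
        raise ValueError("missing or replayed jti")
    seen_jti.add(jti)
    return claims
```

Pass a fixed `now` and a fresh `set()` for `seen_jti` in tests so results are deterministic.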