Generate an SSO token
The SSO token is a Base64-encoded JSON document containing the user’s identity and a SHA-512 signature derived from your secret API key. Generate it on your server — never in the browser.
Token shape
{ "username": "Sample User Name", "email": "mous@email.com", "public_key": "ead41e46-a5fd-11e2-bc97-bc764e0492cc", "signature": "<UPPERCASE_HEX_SHA512>"}The signature is SHA512(email + "-" + secretApiKey), in uppercase hex.
Worked examples
import crypto from 'node:crypto';
function generateVuukleSsoToken({ username, email, publicKey, secretKey }) { const sig = crypto .createHash('sha512') .update(`${email}-${secretKey}`) .digest('hex') .toUpperCase();
const payload = { username, email, public_key: publicKey, signature: sig }; return Buffer.from(JSON.stringify(payload), 'utf8').toString('base64');}import hashlibimport jsonimport base64
def generate_vuukle_sso_token(username, email, public_key, secret_key): sig = hashlib.sha512(f"{email}-{secret_key}".encode("utf-8")) \ .hexdigest().upper() payload = { "username": username, "email": email, "public_key": public_key, "signature": sig, } return base64.b64encode(json.dumps(payload).encode("utf-8")).decode("ascii")<?phpfunction generate_vuukle_sso_token($username, $email, $publicKey, $secretKey) { $signature = strtoupper(hash('sha512', $email . '-' . $secretKey)); $payload = [ 'username' => $username, 'email' => $email, 'public_key' => $publicKey, 'signature' => $signature, ]; return base64_encode(json_encode($payload, JSON_UNESCAPED_UNICODE));}Use the token
Embed it in your page’s Vuukle bootstrap:
<script> var VUUKLE_CONFIG = { apiKey: 'YOUR_PUBLIC_API_KEY', articleId: 'post-12345', comments: { auth: { sso: { onClick: openYourLoginModal } }, }, }; (function () { var d = document, s = d.createElement('script'); s.onload = function () { vuukleLogin('YOUR_BASE64_SSO_TOKEN'); }; s.src = 'https://cdn.vuukle.com/platform.js'; (d.head || d.body).appendChild(s); })();</script>Related
Was this page helpful?
Help us improve — drop a note or open the dashboard.