How to Enable JWT Single Sign-On


 Enable JSON Web Token (JWT) Single Sign-On (SSO) with ProProfs Knowledge Base. JWT SSO provides access to multiple websites using a single set of credentials. With this authentication method, you can create a digitally signed token in JSON (JavaScript Object Notation) format, which grants users access.


JWT SSO offers several key benefits:


  • Effortless Authentication: Users can access multiple websites with a single set of credentials, eliminating the need to remember multiple passwords.
  • Enhanced Security: JWT SSO utilizes digital signatures, ensuring secure authentication and access control.
  • User Convenience: With JWT SSO, users are authenticated using their email addresses, simplifying the login process.


To Enable JWT Single Sign-On


Step 1: Configure Manual Parameters


Before generating a JWT, you need to define specific parameters manually:


Parameter Type Description
key Required Your Private Site API key (md5 encrypted)
user_email Required User’s Email to grant access to sites
site_access Optional Site ID's (comma-separated) for access (leave empty if not needed)
guest Optional Default value is true. Set to false if guest access is not required




  • You can obtain your API Key by going to SettingsPrivate sites.
  • Site ID can be found by navigating to Sites > Manage sites.


Step 2: Automatic Parameters


The following parameters are generated automatically:


Parameter Type Description
iat Required Token Issued at Time to make it valid for 3 minutes (Current Unix timestamp)
jti Required Token JWT ID to prevent reuse (Random hash, minimum 32 characters long)



Step 3: Implement PHP Code


To enable JWT SSO, insert the provided PHP code into your server. Make sure to customize it according to your needs:


$domain = “”; // Change to your domain here
$key = md5("key goes here"); // Change to your md5 encrypted key
$user_email = "";  // Add the email of the current login
$site_access = "44567,77898";  // Access of site (Enter Site ID here)
$now = time();
// Create token header as a JSON string
$header = json_encode(['typ' => 'JWT', 'alg' => 'HS256']);
// Create token payload as a JSON string
$payload = json_encode([
   "iat" => $now,
   "jti" => md5($now . rand(100, 10000)),
   "user_email" => $user_email,
   "site_access" => $site_access,
   "guest" => true, // Set to true or false (optional)
// Encode Header to Base64Url String
$base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header));
// Encode Payload to Base64Url String
$base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payload));
// Create Signature Hash
$signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, $key, true);
// Encode Signature to Base64Url String
$base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature));
// Create JWT
$jwt = $base64UrlHeader . "." . $base64UrlPayload . "." . $base64UrlSignature;
$return_url = $domain . "/access/jwtsso/?token=" . $jwt;
header("location: " . $return_url);


NOTE: Ensure that you've entered your Domain name, API Key, and Site ID.


Step 4: Save the changes you've made.


With these steps, you can enable JWT Single Sign-On for ProProfs Knowledge Base, providing your users with a secure and convenient authentication method.


That's all about enabling JWT Single Sign-On. If you encounter any issues or have any questions, don't hesitate to reach out to our support team


Was this information helpful?
© 2005 - 2024 ProProfs
add chat to your website