Legacy Docs

User Tokens

Argyle utilizes user tokens to identify and authenticate users.


Every embedded Link initialization requires a new user token. For security, user tokens expire in 1 hour.

Benefits of user tokens#

  • Account reconnections without the need to re-enter login credentials
  • Ability to leave and return to Link from any device
  • Preventing duplicates for the same end user

Creating a user token#

To prevent your API key and secret from being exposed on the front-end, request user tokens on your server side.

New users#

  1. Create a new user by sending a POST request to the API's /users endpoint.
  2. The response payload will include an id and user_token.
  3. Save the id for quickly creating user tokens for returning users in the future.
  4. Initialize Link by passing the user_token as the value for the userToken parameter.

Returning users#

  1. Send a POST request to the API's /user-tokens endpoint and include the id of the user in the request body as a JSON object in the format {"user": "<id>"}.
  2. A user_token will be included in the response payload.
  3. Initialize Link by passing the user_token as the value for the userToken parameter.
1<!DOCTYPE html>
2<html>
3
4<head>
5    <meta charset="utf-8" />
6    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
7</head>
8
9<body>
10    <script src="https://plugin.argyle.com/argyle.web.v5.js"></script>
11    <script type="text/javascript">
12        const linkInstance = Argyle.create({
13            linkKey: 'YOUR_LINK_KEY',
14            userToken: 'USER_TOKEN',
15            sandbox: true // Set to false for production environment.
16        })
17        linkInstance.open()
18    </script>
19</body>
20
21</html>

Decoded tokens#

Argyle utilizes JWT tokens for user tokens.

For troubleshooting, JWT tokens can be decoded. However, we do not recommend monitoring individual token fields such as expiry date, and instead recommend creating a new user token every time Link is to be initialized as a best practice.

1
2{
3    "client_id": "0d9b5bf3-97fa-4757-a136-b2a03d171414",
4    "exp": 1652481485,
5    "iat": 1649889485,
6    "iss": "argyle-core-auth-prod",
7    "jti": "00097a26-2f2a-4aa0-8eca-95ebe56d57a8",
8    "sub": "017f8978-bbfd-ff64-18ce-d59f99bf51c2",
9    "user_id": "017f8978-bbfd-ff64-18ce-d59f99bf51c2"
10}