Enable advanced security for client-side API Keys
JWT-based authentication is a mechanism in which you can authorize a call to a Crossmint API, scoping such calls to impact resources related to a single end-user on your platform. You have three options available when enabling this option.
This option makes the most sense if you’re starting a new application and do not have a pre-existing auth provider. You may also want to swap out your existing auth provider if you wish to consolidate your API providers and handle everything with Crossmint.
To use this option, select the Crossmint Auth option within the JWT Authentication section of the API keys page in the Developer Console.
For projects that have already implemented authentication using one of the supported providers, you can provide Crossmint with the appropriate project/environment/app ID from the settings page of the third party. Supported providers include: Dynamic, Auth0, Stytch, Privy, and Firebase.
To use this option, select the 3P Auth providers option, then choose your provider from the dropdown. Next, you’ll need to find the appropriate ID that your provider gives you to identify your project. This can typically be found within the settings pane of their web interface.
If your project is using an auth provider not listed in the 3P providers list or is a home-grown JWT solution, you can choose the Custom tokens option. You will need to be able to provide a that Crossmint can use to authenticate the JWTs.
For a detailed guide on implementing this approach, check out the Custom JWT Authentication Guide.
Enable advanced security for client-side API Keys
JWT-based authentication is a mechanism in which you can authorize a call to a Crossmint API, scoping such calls to impact resources related to a single end-user on your platform. You have three options available when enabling this option.
This option makes the most sense if you’re starting a new application and do not have a pre-existing auth provider. You may also want to swap out your existing auth provider if you wish to consolidate your API providers and handle everything with Crossmint.
To use this option, select the Crossmint Auth option within the JWT Authentication section of the API keys page in the Developer Console.
For projects that have already implemented authentication using one of the supported providers, you can provide Crossmint with the appropriate project/environment/app ID from the settings page of the third party. Supported providers include: Dynamic, Auth0, Stytch, Privy, and Firebase.
To use this option, select the 3P Auth providers option, then choose your provider from the dropdown. Next, you’ll need to find the appropriate ID that your provider gives you to identify your project. This can typically be found within the settings pane of their web interface.
If your project is using an auth provider not listed in the 3P providers list or is a home-grown JWT solution, you can choose the Custom tokens option. You will need to be able to provide a that Crossmint can use to authenticate the JWTs.
For a detailed guide on implementing this approach, check out the Custom JWT Authentication Guide.