Skip to content

Arcana JWT Token

Estimated time to read: 2 minutes

Upon successful authentication, Arcana Auth SDK returns a unique JWT token to the app. This token is generated upon successful authentication via any of the supported methods of the AuthProvider:

  • Plug-and-play login connect()
  • Custom login UI methods such as loginWithSocial(), loginWithLink() (deprecated), loginWithOTPStart,loginWithOTPComplete and loginWithBearer()

User validation

After the user authenticates through the chosen social login provider, the Arcana Auth SDK receives the JWT token. It verifies the user with this token, and then creates and returns an Arcana JWT token to the app.

Developers can use getUser() method to access the JWT token via the UserInfo return value. This token expires after 3 minutes.

JWT Token

It is recommended that the app developer must first verify the token returned by Arcana. After verification, developers must create another app-specific JWT token, if required, and use the subsequent token in the app.

/* Make sure
   1. AuthProvider is created and initialized via .init() call
   2. User is onboarded via plug and play login UI .connect() call 
      with custom login UI loginWithSocial, loginWithLink (deprecated), `loginWithOTPStart` and `loginWithOTPComplete`, loginWithBearer calls
try {
  const userInfo = await auth.getUser();
  const jwtToken = userInfo.loginToken;
  console.log("Arcana JWT Token: ", jwtToken);
} catch (e) {

Last update: July 2, 2024 by shaloo, shaloo