Client Authentication in PSPDFKit Instant

Instant sync and collaboration is available when using the Web SDK with Document Engine in server-backed operational mode.

The JSON Web Token (JWT) is signed with a private key on your server and verified with a public key on Document Engine.

When using PSPDFKit for Web Server-Backed, your client needs to authenticate itself with your running Document Engine instance. To do this, you need to generate a JSON Web Token (JWT). In most cases, your own backend application will generate a JWT that’s sent to your users.

Your users then use the JWT your app supplied to authenticate themselves with PSPDFKit for Web, which will then return only the data the user is allowed to see. In general, a JWT will give the user access to a specific document and Instant layer combination. If you’re using Collaboration Permissions, the JWT can also control which actions the user can take and which resources the user can see.

If you’re having trouble generating valid JWTs, we have a guide that shows you how to validate JWTs using the Document Engine dashboard.