Recipes

Drop-in code for your stack.

Sign the identity JWT on your server in any language; render the widget on the client in any framework. Every snippet uses the same claim contract.

Server — sign the JWT

The JWT is signed HS256 with your tenant Embed Secret. Any language with a JWT library works — you don't need our SDK.

Server recipes

Node (with @onpilot/node or any JWT lib), PHP (Laravel/Symfony/WordPress), Python (Django/Flask/FastAPI), Ruby (Rails), Go.

Client — render the widget

Pass the JWT to the React component or the script tag's data-identity-token attribute. Frameworks differ in how they thread the token from server to client — these recipes show the pattern for each.

Client recipes

Next.js (App Router + Pages Router), Remix, Vite / CRA, Angular, plain HTML.

SDK & APIIdentity tokens