Developer FAQ
      Back to home
      1. HelpDesk
      2. Developer FAQ

      Can I use Magic with JWT?

      Yes! You can simply use Magic for authentication, and your own JWT implementation for authorization.

      Here's high-level how JWT would work with Magic:

      1. User logs in with Magic, you're returned the DID token
      2. Validate the DID token in your backend with our admin-sdk <magic.token.validate(did)> method
      3. Call our admin-sdk method <magic.user. getMetadataByToken(did)> to grab the user's unique ID and email address
      4. Store that data inside a JWT token and then move forward with your JWT implementation
      5. On subsequent requests to your server, just verify the JWT

      For example:

      The client-side <magic.user.getMetadata()> while I'm logged in returns:

      { 
           "issuer": "did:ethr:0xB6fA0Cc4Af592e4405Aea2bDc53676b6Bd13A3E2", 
           "publicAddress": "0xB6fA0Cc4Af592e4405Aea2bDc53676b6Bd13A3E2", 
           "email": "hunter@magic.link" 
      }


      Wrapped in a JWT, that is:

      eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3N1ZXIiOiJkaWQ6ZXRocjoweEI2ZkEwQ2M0QWY1OTJlNDQwNUFlYTJiRGM1MzY3NmI2QmQxM0EzRTIiLCJwdWJsaWNBZGRyZXNzIjoiMHhCNmZBMENjNEFmNTkyZTQ0MDVBZWEyYkRjNTM2NzZiNkJkMTNBM0UyIiwiZW1haWwiOiJodW50ZXJAbWFnaWMubGluayJ9.q8wCR9GgpmvGIFIRYQoEWYtn5Kui-HO5XfpYnEvzoAY


      Just enter that JWT on https://jwt.io to see it decoded back into the metadata object.

      View our guide on this here https://magic.link/posts/magic-jwt