JWT Plugin

The JWT plugin allows identification of your site's users through a JWT (JSON Web Token). It is essential for all features that require recognizing a logged-in visitor.

Note: Activation and configuration of this plugin are reserved for administrators.

What is the purpose of this plugin?

When the IAM plugin is activated, Butterfly can verify the identity of your site's visitors via a JWT transmitted in their requests. This allows you to:

  • Restrict access to posts marked as private (only authenticated users can view them)
  • Identify visitors for personalized features (comments, favorites, etc.)
  • Secure exchanges between your front-end site and the Butterfly API

How does JWT authentication work?

  1. A user logs into your site
  2. Your authentication system issues them a JWT token
  3. This token is transmitted in requests to the Butterfly API
  4. The IAM plugin verifies and decodes the token to identify the user

Note: JWT is a widely used open standard (RFC 7519) for web authentication. It contains user information securely and verifiably.

Activating the plugin

  1. Go to Administration > Plugins
  2. Click on IAM
  3. Toggle the activation switch
  4. Configure the token validation settings (secret key, algorithm, etc.)
  5. Save

Link with private posts

Once the IAM plugin is activated, the Private option during the creation of a publication becomes fully functional. A private post will only be accessible to visitors with a valid JWT token.

Tip: Combine the IAM plugin with private posts to offer member-only content, premium articles, or internal resources.

Need more help?

Can't find what you're looking for? Our support team is here to help.

Contact us