Embed Widgets Using Node Backend
cut in from zoom meeting
Key takeaways Creating a secure backend REST API service for generating JWT tokens to embed Qrvey A widgets Using Node.js with Express, Axios, and CORS frameworks to build the service Configuring proper security parameters for the JWT token generation Understanding required properties for the Qrvey API call: version, expiresIn, appId, userId, clientId, and orgId Discussed topics Setting up a Node.js project for JWT token generation Natan Cohen demonstrated how to create a backend service for generating JWT tokens to securely embed Qrvey A widgets.
Embed Widget Using Node Backend Tutorial
The following tutorial video shows how to create a backend in Node for securely encrypting widget properties using JWT tokens.
Tags: Widgets, Embedding, Backend
Details Natan Cohen: Introduced himself as Head of Customer Success at Qrvey Natan Cohen: Explained the purpose of creating a backend REST API service for JWT token generation Natan Cohen: Recommended Node.js as the backend framework due to ease of installation and REST API creation Natan Cohen: Showed how to install Node.js and verify installation with node-v and npm-v commands Natan Cohen: Demonstrated creating a new directory and initializing it as a Node project with npm init Conclusion Node.js is an appropriate choice for creating a backend service for JWT token generation Visual Studio Code was selected as the editor for the project Building the REST API with Express, Axios, and CORS Natan walked through the process of creating the API endpoint using three key frameworks. Details Natan Cohen: Created app.js file as the main application file Natan Cohen: Explained the need for three frameworks: Express (for REST API), Axios (for making API calls), and CORS (for security) Natan Cohen: Showed how to install the frameworks using npm install commands Natan Cohen: Configured the server to listen on port 3000 Natan Cohen: Set up CORS options to control which clients can access the API Natan Cohen: Created a basic endpoint at /api/getQrveyAJWTToken that initially returned a simple JSON response Natan Cohen: Tested the endpoint in a browser to confirm it was working Conclusion The basic REST API structure was successfully created and tested CORS configuration is important for securing the service Implementing the Qrvey API call Natan demonstrated how to call the Qrvey API to generate the JWT token. Details Natan Cohen: Referenced the Qrvey partner portal documentation for the GenerateWidgetSecurityToken endpoint Natan Cohen: Explained the required properties for the API call: version (set to 2 to support higher payload) expiresIn (defaults to 1 week, can be 1 second to 1 year) appId (ID of the application containing the content to embed) userId (ID of the user who owns the application) clientId (ID of the end user, set to same as userId for simplicity) orgId (set to "org:0" for full access) Natan Cohen: Showed how to use Axios to make the API call to the Qrvey endpoint Natan Cohen: Explained how to pass the API key in the X-API-Key header Natan Cohen: Demonstrated restarting the Node server and testing the endpoint Conclusion The API successfully returned a JWT token that can be used for embedding Qrvey A widgets Setting clientId to the same as userId gives access to all dashboards Using "org:0" for orgId provides access to the parent master organization Action items Viewers Install Node.js and Visual Studio Code Create a directory for the project and initialize it with npm init Install required packages: Express, Axios, and CORS Create app.js file with the demonstrated code Replace placeholder values with specific Qrvey A instance URL, appId, userId, and API key Test the endpoint to ensure it returns a valid JWT token Lock down CORS settings for production use