Pelcro uses JSON Web Token (JWT), an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted as it is digitally signed.
Once the user has registered or has logged in, each subsequent request to protected endpoints requires the JWT token containing the identity of the customer to be provided in the Authorization header, prefixed with the Bearer token.
This implementation makes it easy to implement Single Sign-On across different domains and properties.
All
Pages