Authenticating users with JWT tokens

User JWT tokens

Using JWT tokens provides the greater flexibility than "Sign in with Google" and other third party providers, but also requires some development work on the part of the event host. With tokens, the event host can support seamless authentication integration with their own platform where attendees are already logged in.

Public and private keys

In order to generate tokens, you will first need to generate a public/private RSA key pair. For example, if you are on Linux or Mac:

ssh-keygen -b 2048 -m PEM -t rsa -f socialhour.key -q -N ""
openssl rsa -in socialhour.key -pubout -outform PEM -out

In the Settings section of your Social hour event, paste your public key from When you open the resulting file, it should look something like this:

-----END PUBLIC KEY-----

Generating the token

With keys generated, you can now create and sign user tokens. For example, with Node.js:

const jwt = require('jsonwebtoken');
const fs = require('fs');
const privateKey = fs.readFileSync('./socialhour.key');
const token = jwt.sign({
  displayName: 'Larry David',
  email: '',
  userProfile: [
    ['organization', 'Seinfield'],
    ['title', 'Producer'],
    ['interests', 'comedy']

The displayName field is required; other fields are optional. The avatarUrl field should refer to a publicly accessible avatar image. If none is provided, a default image will be generated using the initials from the given displayName.

Now, add this token in the event url:


Best practices

It is most likely in your interest to generate tokens with a near-term (~300 seconds) expiration time. Ideally, when a user clicks a link on your platform intending to visit Social hour, it is at that point when you should dynamically generate the token, and send the user along to Social hour (e.g., via 302 redirect).

It is also possible to generate long-lived tokens, but remember that anyone who follows that link will be logged in as that user on So it is best to avoid directly including token links in formats like emails or chat channels; better to generate on the fly as needed.