User Enablement - Generic
Step 1 - Create a JWT for the User
The User Enablement process is fairly simple. Somewhere in your application, you need to generate a JSON Web Token (JWT) that includes the login name for the user and a few other properties including an expiration claim (more details below). The JWT will need to be signed in your backend application code with the NL3 Domain Key associated with your application. The signature will be verified on our end to ensure the request for enablement is coming from your application. Here is a sample header and payload for the JWT:
Header
{
"typ": "JWT",
"alg": "HS256"
}
Payload
{
"iss": "www.myapplication.com",
"iat": 1642525200,
"exp": 1674061200,
"aud": "auth.nextlevel3.com",
"sub": "myuser@myapplication.com"
}
Step 2 - Add Redirect to Next Level3
The next step is to add an NL3 User Enablement workflow in your application. This could be something as simple as a link that says “Click here to enable NL3 protection” or a checkbox on the user’s profile screen. However you choose to implement the workflow, enablement occurs when your application redirects the user or opens a new tab or browser window and passes the JWT created in Step 1 to our website in the “auth-token” query parameter (e.g. https://cloud.nextlevel3.com?auth-token=<JWT created in Step 1>). Then, the user will login with an existing NL3 account or signup for a new one to link their application login with an NL3 account they can use to manage their protected accounts’ lock status.