Important

This feature is currently in Early Availability (EA) status. For more information, see our product lifecycle phases.

Integrate external APIs with secure tokens

Introduction

The extension system supports integration with external APIs outside the marketplace. Access to those APIs is authenticated using Cross-Origin Resource Sharing (CORS) headers and JSON Web Tokens (JWT). You can use this for third-party integrations, data visualization, analytics, and other custom data sources.

Key features

1. Third-party integrations: Integrate third-party applications or services into your extension—for example, analytics dashboards or custom UI workflows.

2. Security and data control: CORS headers and JWT provide secure API communication and data protection.

How it works

1. In your extension, use the provided function to fetch a JWT from the marketplace and attach it to requests to your API.
2. In your API, validate the token to ensure the request comes from the marketplace.

Related guides

1. Fetch tokens in the extension: How to retrieve JWT tokens in your extension.
2. Validate tokens in your API: How to validate JWT tokens for secure API communication.
3. Secure token system: JWT and CORS setup reference.