Auth for Chat
Introduction
Secure token-based authentication system
Overview
Work1 uses a secure token-based authentication system to protect your users' conversations. This guide explains how authentication works, how to generate tokens, and best practices for implementation.
How Authentication Works
Work1 uses JWT (JSON Web Tokens) for authentication. Every chat session requires a valid token that:
- Identifies the user (customer_user)
- Associates the session with your company
- Specifies which AI agent to use
- Defines permissions for the session
- Has a limited lifetime for security
Security Model
graph TB
A[Your Application] -->|1. User logs in| B[Your Backend]
B -->|2. Request token with API Key| C[Work1 API]
C -->|3. Validates API Key| D[Database]
D -->|4. Returns validation| C
C -->|5. Creates customer_user| D
C -->|6. Generates JWT token| B
B -->|7. Returns token| A
A -->|8. Uses token for chat| E[Work1 Widget/SDK]
style A fill:#e3f2fd
style B fill:#fff3e0
style C fill:#e8f5e9
style D fill:#fce4ec
style E fill:#f3e5f5