Hi there,
We would like to create a portal where our readers can access using a token, such as a JWT token.
Here’s how it should work: A user clicks a button on another platform of ours to navigate to the Ghost dashboard. From the backend, we generate a JWT token for them, which is then included in the URL parameters for our Ghost dashboard. Ghost verifies the JWT, grants read access, and extracts, for example, the reader’s name and userId from the token. At the same time, our readers should not have to go through any registration process.
Additionally, is it possible to check the connected user, for instance, by their userId extracted from the JWT token? Specifically, could we send an HTTP request to another service of ours, and if it returns something like isValid: false, prevent the user from accessing the Ghost dashboard?