Help Center

| Submit or View Help Requests | Developer Docs |

Progress

  1. impact.com Help Center
  2. I'm a Brand
  3. Microsite Experiences

View desktop instructions
View mobile app instructions
Set Up SSO for an impact.com Microsite via JWT

Published on: Thu, 8 May, 2025 at 6:00 AM  |  Updated on: Thu, 8 May, 2025 at 8:00 AM

Your Advocate program's microsite typically requires your customer advocates to sign up with a username and password before they can access their share links and reward details. However, as an advanced alternative, you can instead authenticate users by generating a JSON Web Token (JWT) [External link] server-side and passing it to the microsite via a URL parameter. This JWT contains all the necessary information to identify the participant and display their personalized content.

Before you begin

Important: This is an advanced implementation that bypasses the standard Managed Identity Service for the microsite and requires support from your developer team to set up.

You should only use this method if all of the following apply:

  • You want to simulate a single sign-on (SSO) experience by automatically logging participants into your program's microsite.

  • You can generate JWTs server-side.

  • You can't or don't want to install the Universal Tracking Tag (UTT) onto your site.

Step 1: Create a microsite without managed identity

When you create your microsite, you'll need to turn off the Managed Identity Service, then set all your pages to be accessible to "unverified" users. The Dashboard page will use the JWT to authenticate the user and load the microsite.

Create the microsite

First, use auto setup to create a microsite. Then turn off the Participant Login option.

  1. From the left navigation menu, select [Engage] [Engage] → Content.

  2. On the Microsite card, select Setup Referral Microsite.

  3. Under Auto setup, select Setup Referral Microsite to create the microsite. You'll then be redirected to your new Microsite Settings page.

  4. Within the Login section, [Toggle off] [Toggle off] Participant Login.

Configure the Dashboard page

Next, configure your microsite's Dashboard page to be visible to unverified users. Then, connect the components on the page with your referral program so the right information appears.

  1. Adjust your site's Dashboard page settings.

    • Hover your cursor over the page.

    • Select [More] [More] → Settings.

    • From the Inherited layout drop-down list, select Base Layout.

    • From the Allowed users drop-down list, select Unverified.

  2. Add your program ID to the components on the Dashboard.

    • User Stats — You must add it to each stat

    • Share Link

    • Referral code

    • Social media buttons — You must add it to each button

  3. At the top-right corner, select Save.

    microsite_autosetup.gif

For help with using the editor to find and adjust your page and component settings, refer to Microsite Editor Explained and Customize Microsite Layouts & Pages.

Remove unnecessary pages

Remove the layout and pages that your microsite won't use.

  1. Hover your cursor over the page or layout.

  2. Select [More] [More] → Delete.

  3. Remove the Logged In Layout.

  4. Remove the following pages:

    • Activity

    • Edit Profile

    • Email Verification

    • Forgot Password

    • Login

    • Logout

    • Register

    • Reset Password

    • Verify Email

Step 2: Generate the JWT

The JWT structure follows standard Advocate requirements for user authentication. If you've integrated Advocate before, you're likely already generating similar tokens for UTT.

You must generate the JWT securely on your server or any trusted backend system—never in the browser.

Learn how to generate a JWT and the payload requirements.

Step 3: Append the JWT to the microsite URL

Once the user is logged into your platform, redirect them to the microsite with the JWT included in the URL query string.

Example: https://your-microsite.squatch.app/?jwt=<YOUR_GENERATED_JWT>

You can either open the microsite in a new browser tab, or embed the microsite in your app using an iframe. If you decide to embed the microsite, make sure you handle cross-origin resource sharing (CORS) [External link] and browser restrictions appropriately.

Notes

  • If you use this authentication method, users won't have login credentials for the microsite.

  • JWT-based access must be tightly controlled. Don't expose or manipulate it in client-side JavaScript.

  • This is a non-standard approach — test it thoroughly in your staging environment before rolling out your program.

  • If you need support, include your microsite URL, implementation details, and a sample JWT payload in your support request.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.

Related Articles