Hi, im new with all to JWT and all of that, i have a ext running and approved, but now i want to add a form that the viewer can send to my EBS and store that, ok, how should i do it? Cuz i can get the userid in the onAuthorized fuction and send it to my EBS, but how i send the msg? With a ajax.get? Ok but how i can know that this get is from the ext and from that user and not from another faker user? I just want for example get the valor from a textinput and send it to my EBS with the twitchid, for example just send a hello world associated to the userid when i click in a buttom.
Thx if someone whant to help a bit ^^
You should read up on the basics of JWTs. They have three parts to them, one of those being the signature which can be used to verify the information hasn’t been tampered with. The signature in this case uses the shared secret you can view in the extension dashboard for signing.
So on your EBS you’d receive the incoming request that contains the JWT and form data, and you’d want to first verify the JWT is valid before deciding what to do with the data. There are various libraries that you can use to decode JWTs with your shared secret. You’ll have access to a persistent Twitch userId only if you’ve explictly required that functionality for your extension.
That website’s main page has a great little tool that you can play around with to view all that is contained in the token you receive from onAuthorized, and get a good idea of how JWTs work.