Skip to main content
Version: v3

Securing data exchange

After finishing this guide, you will be able to move to production with a server-side authentication, providing the most secure import for your customers.

3 Easy Steps

1. Set up the server

Install the JWT library

What is JWT?

Install the package and import it in your code.

$ npm install --save jsonwebtoken

Sign the JWT

Add an endpoint on your server that authenticates a user which uploads the data. You will be able to provide user's personal and company information to Flatfile.

const express = require("express");
const app = express();
const jwt = require("jsonwebtoken");

// This is a public Embed ID and a private key.
// Private key should be used to sign a JWT.
const EMBED_ID = "5265032a-5988-4004-a77c-a2390088f945";

app.use(express.json());"/auth-flatfile", async (req, res) => {
// Replace this constant with current user's information.
const user = {
id: 1,
email: "",
name: "Max",
// Replace this constant with current user's company infromation.
const org = {
id: 1,
name: "Flatfile",
const token = jwt.sign(
embed: EMBED_ID,

res.send({ token });

app.listen(4242, () => console.log("Node server listening on port 4242!"));

2. Request data from user [Client]

Provide a callback function inside `token`, which will fetch and return the JWT from your server.

token: async () => {
const response = await fetch("/auth-flatfile", {
method: "POST",
headers: { "Content-Type": "application/json" },
const { token } = await response.json();

return token;
onData: (chunk, next) => {
// Do something...