Single Sign-on

This page is intended for the technically-inclined.

As of version 1.6, it is possible to integrate GraphJS with your existing authentication infrastructure. This means, if you have a dynamic application with an existing user registration backend, you may authenticate your online users on GraphJS simultaneously and seamlessly. There are three steps to achieve this:

  1. Present your existing users to GraphJS (using tokenSignup call)
  2. Make sure each new user on your platform is presented to GraphJS, using tokenSignup call. More information is available below.
  3. Every time you will present a GraphJS tag on a page that is shown to your logged in users, create a token with the "secret key" provided to you, and initialize GraphJS with that parameter.

About your single sign-on key

Your single sign-on key is tied to your subscription. To fetch it, sign in to, go to Accounts > Subscriptions -- and it will be there:

If you're using the open source version of GraphJS-Server, then it is set by an environment variable called "SINGLE_SIGNON_TOKEN_KEY". Check out AuthenticationController.php to see its use in action.


The tokenSignup call accepts three parameters; token, username and email where "token" is the "username" encoded with your "secret key". We use AES for symmetrical-encryption. To see how that works in PHP 7.2+, check out:


or in Node.js as follows: (includes the decrypt method too)



The tokenLogin call accepts only a single parameter; token where "token" is encrypted the same way, by AES encrypting the username with your secret key.


You may use single sign-on not only with tags but with call functions as well. Just generate a token and use tokenLogin call to sign your users in automatically.

Should you have any questions, please contact us at, we'd love to hear more about your use case.

Presenting your users to GraphJS

This is pretty simple. All you need to do, on the server-side, is to go through your database in a while loop and:

  1. Fetch all users
  2. Compute "token" for each user, as described above.
  3. Make a GET request to$YOUR-PUBLIC-ID
    amp;token=$THEIR_COMPUTED_TOKEN$ for each user.

The piece of code that handles this GET request on the server-side can be found on Github.

If you're hosting the GraphJS Server on your own, you should change to your domain name.