This is a legacy authentication method. We recommend you use Game Redirect Login instead.
With JWT authentication, when a player clicks the deeplink to open the checkout page, they are automatically authenticated using their player ID. An approval request appears, showing the player’s name and image, and asks them to confirm their identity. If the player approves, they are directed to the checkout page. If they decline or close the prompt, they are logged out and must reopen the link to try again. This confirmation popup appears only once per session to reduce friction and avoid interrupting the player experience repeatedly. Follow the steps below to set up your checkout link offer using the JWT authentication method.

Step 1 | Integrate Appcharge with your platform

Before creating a checkout link offer, follow the steps to integrate Appcharge with your broadcast platform or custom distribution system:
  1. Go to the Settings tab in the Publisher Dashboard and click Integration.
  2. Toggle on Enable Deeplink JWT Secret to generate a secret key.
  3. Copy the value of the generated Deeplink JWT Secret.
  4. Add the secret to your broadcast platform configuration, or if you are using your own custom distribution system, save the secret to use after you’ve created the checkout link offer.
Follow the steps in the article to create and manage a checkout link offer in the Publisher Dashboard. Alternatively, you can create and update checkout link offers using the Checkout Link Offers API.

Step 3 | Design the approval popup (optional)

You can fully customize the approval request screen to match your branding: In the Publisher Dashboard, go to Builder > Approval Request to customize the popup. If you choose not to customize the popup, it will use the default Appcharge configuration. Once you’ve created a checkout link offer, you’ll receive a deeplink. Before sharing it with players, secure the deeplink with a signed JWT, then distribute it according to your platform or system.

Broadcast platform

If you’re using a broadcast platform, such as a social media automation tool, add the deeplink to your platform’s distribution message. Make sure your JWT secret is added to the platform’s configuration settings, as described above.

Custom distribution system

If you’re using a custom distribution system, you’ll need to manually generate a signed token (JWT) and append it to the deeplink. This makes the link secure and targeted for each player. To do this:
  1. Create a JWT object with the following parameters and sign it using HS256 Algorithm:
    ParameterRequired?TypeDescription
    playerIdYesNumberPlayer ID.
    originalLinkYesStringDeeplink offer URL.
    iatYesTimestampTimestamp when the player was redirected to the web store.
    Example code 
    import * as jwt from 'jsonwebtoken';


const secret = 'YOUR_SECRET'; // Your Deeplink JWT Secret from the Publisher Dashboard
const originalLink = 'YOUR_DEEPLINK_OFFER_URL'; // The deeplink created earlier

const signed = jwt.sign(
   {
      playerId: 'PLAYER_ID',
      iat: Date.now(),
      originalLink: originalLink,
   },
   secret,
   { algorithm: 'HS256' },
);
  2. Append the signed JWT token as a query parameter to the deeplink: 
    const redirectUrl = `${originalLink}?acjwt=${signed}`;
  3. Distribute this redirectUrl to players.
    Always generate and sign JWTs on your backend. Never expose your Deeplink JWT Secret in client-side code.