Memberstack uses JWT tokens to store a members session while they are logged in. You can use the token in your own API to identify the user.
Important: Please verify the signature of the token to confirm that Memberstack was the party that created it.
You can use
MemberStack.getToken() client side to retrieve the token that Memberstack set for the member (will be empty if a member is not logged in). You can pass that token to your own API.
Please verify the token has the following properties.
"kid" "Must match a key found at https://api.memberstack.io/metadata/v1/public-keys"
You can now verify the token was signed by a private key corresponding to the token's
You can find public keys at https://api.memberstack.io/metadata/v1/public-keys