​Once a site owner installs an app, it appears in the My Apps page of the Settings are of the editor (or by clicking on Manage in the Element sidebar under Apps).

​If your app requires some sort of site owner configuration or management, and it’s not an element with settings, or if it requires additional configuration from those settings, you can configure a URL in the manifest that links to a page on your site where the app can be managed, for example, https://your_rad_site.com/weebly/manage.

​When you provide a URL, a Manage button displays next to the apps in the My Apps page. ​

Site owners view all installed apps from the My Apps page

​ To set a manage URL, in the app manifest set manage_app_url to the url where a site owner can manage the app. This URL must use the https protocol.

​For example:

{
    "manifest": "1",
    "version": "1.2",
    "client_id" : "12345",
    "callback_url" : "https://your_rad_site.com",
    "manage_app_url" : "https://your_rad_site.com/weebly/manage",
    "scopes": ["read:site", "write:site"],
    "oauth_final_destination" : "editor",
    ...
}

​Weebly uses the JSON Web Token (JWT) standard for managing installed apps. When a site owner clicks this link, JWT is used to inject the following information:

  • user id
  • site id
  • element id
  • iat (Issued at timestamp - i.e. the time the token was generated)
  • the site owner’s language
  • jti (JWT token ID)

That info is sent to your manage URL. 

​You decode the JWT using your app’s secret (found on your app’s admin page in the Developer Admin portal) to get the information in the token. ​ ​JWT tokens are encoded using the HS256 algorithm. If you’ve included a JWT library such as the Firebase PHP JWT library, you can decode the token with the following PHP code:

$decoded = JWT::decode($_GET['jwt'], $client_secret, array('HS256'));

There are many client libraries for JWT, and an online fiddle for it at http://jwt.io/.


Help make these docs better!









Tags:
oauth