integrated_apps: id app_name (e.g., attendance, grading) app_secret (for service-to-service) redirect_uris (JSON) POST /api/v1/auth/login
Response:
// Middleware to protect integrated modules function requireAuth(req, res, next) const token = req.headers.authorization?.split(' ')[1]; try const decoded = jwt.verify(token, process.env.JWT_SECRET); req.user = decoded; next(); catch res.status(401).json( error: 'Invalid or expired token' );
"access_token": "jwt...", "refresh_token": "ref...", "expires_in": 3600, "user": "id": "uuid", "role": "student", "name": "Aarav Sharma"
"identifier": "student@school.edu", "password": "secure123", "device_id": "optional"
Request:
Each sub-system (fees, attendance, etc.) validates the same JWT: