Use case

Add authentication to an Express API

Use AscendKit access tokens to protect an Express API. Verify the token in middleware and resolve each request to a usr_ record scoped by your project's public key. Auth lives alongside email, journeys, and surveys, so you can extend beyond login without new vendors.

How it works

  1. 1. Issue tokens from your app
    Authenticate users with the AscendKit SDK and obtain access tokens for API calls.
  2. 2. Verify in middleware
    Add Express middleware that verifies the access token and rejects unauthenticated requests.
  3. 3. Scope to the project
    Each verified request resolves to a usr_ record scoped by the X-AscendKit-Public-Key header.

FAQ

How does AscendKit auth work for a plain Express API?

Your frontend authenticates with AscendKit and sends an access token; Express middleware verifies it and resolves the request to a project user.

Is there signing key support for tokens?

Yes. AscendKit exposes signing keys via JWKS so access tokens can be verified against published keys.

Start with one API key

Auth, email, surveys, and journeys share one user record, so you ship this without stitching vendors together.

Start free