> ## Documentation Index
> Fetch the complete documentation index at: https://docs.explo.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Generate Embed JWT

This endpoint generates a JWT (JSON Web Token) with the provided customer id and embed id encoded in it.
This token expires at the provided time, default is 24 hours after creation.

### Body

<ParamField body="provided_id" type="string">
  This is the id you've provided Explo for the customer you'd like to encode in this JWT.
</ParamField>

<ParamField body="embed_id" type="string">
  This is the id of the dashboard or report builder you're embedding.
</ParamField>

<ParamField body="key_id" type="string | null">
  This is the id of the key you'd like to use to encrypt your JWT. This ID can be taken from the
  `Data Visibility Groups` section of the settings page. If no key id is provided, Explo will
  generate one.
</ParamField>

<ParamField body="expiration" type="string | null">
  This is the date time that you want your JWT to expire at, in [ISO08601 duration
  format](https://en.wikipedia.org/wiki/ISO_8601#Durations). If not provided, this will be set to 24
  hours after creation.
</ParamField>

<ParamField body="chart_id" type="string | null">
  If embedding a single chart, provide the id of the chart here. This feature must be enabled by
  Explo.
</ParamField>

<ParamField body="rb_allowed_features" type="string[] | null">
  Controls what functionality end users can access in report builders. If `null` or `["*"]`, all
  functionality will be allowed. Learn more about configuring read-only report builders
  [here](/report-builder-features/read-only).
</ParamField>

<ParamField body="disable_editable_section_editing" type="boolean | null">
  An optional argument that disables your end user from editing the editable section at the bottom
  of the dashboard if enabled.
</ParamField>

<ParamField body="embed_origin" type="string | null">
  The domain of the embed, which ensures that the JWT is only valid from that origin.
  An optional argument for increased security.
</ParamField>

### Response

<ResponseField name="jwt" type="string">
  The JWT you requested. You can use this immediately in your embed.
</ResponseField>

<RequestExample>
  ```bash Example Request theme={null}
  curl --location --request POST 'https://api.explo.co/api/generate_jwt/' \
  --header 'Content-Type: application/json' \
  --header 'Explo-Authorization: Token <token>' \
  --data-raw '{
      "provided_id": "customer_1",
      "embed_id": "abcde",
      "expiration": "PT1H",
      "key_id":"aa111111-1a11-111a-aa11-1aaaa11a1a11",
      "rb_allowed_features": ["flt", "srt"],
      "disable_editable_section_editing": true,
      "embed_origin": "https://your-domain.com/"
  }'
  ```
</RequestExample>

<ResponseExample>
  ```json Response theme={null}
  {
    "success": 1,
    "jwt": "<example_jwt>"
  }
  ```
</ResponseExample>
