Skip to content
Scalekit Docs

Implement user sign up

Signup is the first step in a user’s journey with your application. For B2B applications, each user may be associated with an organization. A user can belong to one or more organizations.

Here are some common signup use cases:

  • New user and organization: The first user to sign up creates a new organization and becomes its administrator.
  • Joining an existing organization: An existing user can join another organization or workspace within your application.
  • Invitation-based signup: A new user signs up by accepting an email invitation and is automatically added to the inviting organization.
  • Automatic organization joining: A user with a corporate email (e.g., jane.doe@acme.com) signs up and is prompted to join the existing “ACME Inc.” organization.
  • User provisioning via identity provider: A user account is created programmatically through an enterprise identity provider (e.g., Okta, Azure AD). The user first logs in via SSO instead of a traditional signup.

Scalekit helps you implement all such signup flows while handling the complexity of user management and authentication.

Sign up with Scalekit’s hosted signup page

Section titled “Sign up with Scalekit’s hosted signup page”

You can direct users to Scalekit’s managed signup page by adding the prompt: 'create' parameter when generating the authorization URL. This is the simplest way to implement a signup flow.

  1. Install the Scalekit SDK

    Section titled “Install the Scalekit SDK”

    npm install @scalekit-sdk/node

    Copy your API credentials from the Scalekit dashboard’s API Config section and set them as environment variables.

    Terminal window
    SCALEKIT_ENVIRONMENT_URL='<YOUR_ENVIRONMENT_URL>'
    SCALEKIT_CLIENT_ID='<ENVIRONMENT_CLIENT_ID>'
    SCALEKIT_CLIENT_SECRET='<ENVIRONMENT_CLIENT_SECRET>'

    Create a new Scalekit client instance after initializing the environment variables.

    utils/auth.js
    import { Scalekit } from '@scalekit-sdk/node';
    

    export let scalekit = new Scalekit(
      process.env.SCALEKIT_ENVIRONMENT_URL,
      process.env.SCALEKIT_CLIENT_ID,
      process.env.SCALEKIT_CLIENT_SECRET
    );

  2. Redirect the user to the sign up page

    Section titled “Redirect the user to the sign up page”

    Generate the authorization URL by passing a registered callback URL and scopes to the Scalekit SDK.

    Express.js
    const redirectUri = 'http://localhost:3000/api/callback';
    const options = {
      scopes: ['openid', 'profile', 'email', 'offline_access'],
      prompt: 'create', // explicitly takes you to sign up flow
    };
    

    const authorizationUrl = scalekit.getAuthorizationUrl(redirectUri, options);
    

    res.redirect(authorizationUrl);

    This will redirect the user to Scalekit’s managed sign-in page.

  3. Allow users to sign up

    Section titled “Allow users to sign up”

    Users can now sign in or sign up using their preferred authentication methods. Each authentication method is managed by Scalekit to successfully verify the user’s identity.

    Configure authentication methods Enable passwordless, social, or enterprise SSO to customize the signup experience.

  4. Retrieve user profile after identity verification

    Section titled “Retrieve user profile after identity verification”

    Scalekit triggers a callback to your registered callback URL with an authorization code. Exchange the code to get the user’s profile information.

    import scalekit from '@/utils/auth.js'
    const redirectUri = 'http://localhost:3000/api/callback';
    

    // Get the authorization code from the scalekit initiated callback
    app.get('/api/callback', async (req, res) => {
      const { code, error, error_description } = req.query;
    

      if (error) {
        return res.status(401).json({ error, error_description });
      }
    

      try {
        // Exchange the authorization code for a user profile
        const authResult = await scalekit.authenticateWithCode(
          code, redirectUri
        );
    

        const { user } = authResult;
    

        // "user" object contains the user's profile information
        // Next step: Create a session and log in the user
    5 collapsed lines
        res.redirect('/dashboard/profile');
      } catch (err) {
        console.error('Error exchanging code:', err);
        res.status(500).json({ error: 'Failed to authenticate user' });
      }
    });

    The authenticateWithCode method returns an object containing the user’s profile information (user object) and idToken (JWT).

    {
      user: {
        email: "john.doe@example.com",
        emailVerified: true,
        givenName: "John",
        name: "John Doe",
        id: "usr_74599896446906854"
      },
      idToken: "eyJhbGciO..",
      accessToken: "eyJhbGciOi..",
      refreshToken: "rt_8f7d6e5c4b3a2d1e0f9g8h7i6j..",
      expiresIn: 299
    }

    You can decode the idToken to access user information like email, name, and profile verification status directly from the token claims.

After the user signs up, they are redirected back to your application, and you can proceed to create a session.