HomeDevelopersApp Platform
App Platform
Build embedded apps for WorkSkedge with JWT authentication, postMessage API, and secure iframe integration.
Introduction to the App Platform
The WorkSkedge App Platform enables developers to build embedded applications that run seamlessly within the WorkSkedge interface. Your apps are loaded in secure iframes with full access to user context, authentication tokens, and real-time communication.
Authentication & Security
Secure Authentication
JWT tokens with user context, company data, and role-based permissions.
Real-time Communication
Bidirectional postMessage API for seamless app-to-platform integration.
Built-in Testing
Dev Launcher with token inspection and custom URL testing.
Architecture Overview
Your app runs inside an iframe within WorkSkedge. The platform handles authentication, passes JWT tokens with user context, and provides a postMessage API for real-time communication.
┌─────────────────────────────────────────────────────────┐
│ WorkSkedge Platform │
│ │
│ 1. User opens app → Platform generates JWT token │
│ 2. Token includes: userId, companyId, roles, etc. │
│ 3. Token passed via URL + postMessage │
│ │
│ ┌───────────────────────────────────────────────────┐ │
│ │ Your Embedded App (iframe) │ │
│ │ │ │
│ │ 1. Receive & decode JWT token │ │
│ │ 2. Verify token on your server │ │
│ │ 3. Access user data from token claims │ │
│ │ 4. Use postMessage for communication │ │
│ └───────────────────────────────────────────────────┘ │
│ │
│ ← postMessage: context updates, navigation, etc. │
│ → postMessage: ready, notify, refresh, etc. │
└─────────────────────────────────────────────────────────┘Integration Comparison
Choose the right integration method for your use case:
| Embedded Apps | Full UI inside WorkSkedge · JWT tokens (1hr) · postMessage · Best for dashboards, forms, visualizations |
| REST API | External UI · API keys · Polling required · Best for integrations, data sync, automation |
| Webhooks | No UI · Webhook signatures · Push notifications · Best for event-driven workflows |
Quick Start Workflow
Create Your App
Handle Authentication
Implement postMessage
Test with Dev Launcher
Deploy & Install
Requirements Checklist
- A web server to host your application (any hosting platform).
- HTTPS endpoint (required for secure iframe embedding).
- JWT token verification logic (client-side and server-side).
- postMessage event listeners for WorkSkedge communication.
- Error handling for expired or invalid tokens.
- Testing with Dev Launcher before production deployment.
