Skip to content
ImAiFox
Skill

embedded

by prismatic-io

AI Summary

Reference documentation for embedding Prismatic's integration marketplace and workflow builder inside a customer-facing web application. Embedding Prismatic means your customers never leave your app to manage integrations. The flow is: 1. Your backend generates a short-lived signed JWT (10 min) auth

Install

Copy this and paste it into Claude Code, Cursor, or any AI assistant:

I want to install the "embedded" skill in my project.

Please run this command in my terminal:
# Install skill into your project
mkdir -p .claude/skills/embedded && curl --retry 3 --retry-delay 2 --retry-all-errors -o .claude/skills/embedded/SKILL.md "https://raw.githubusercontent.com/prismatic-io/prismatic-skills/main/skills/embedded/SKILL.md"

Then restart Claude Code (or reload the window in Cursor) so the skill is picked up.

Description

Reference documentation for embedding Prismatic's integration marketplace and workflow builder in a web application. Covers JWT authentication, the embedded SDK, marketplace and workflow embedding, theming, i18n, additional screens, and custom marketplace UI. Use when the user asks about embedding Prismatic, JWT tokens for embedded apps, marketplace iframes, workflow builder integration, custom marketplace UI, or frontend SDK setup.

Prismatic Embedded

Reference documentation for embedding Prismatic's integration marketplace and workflow builder inside a customer-facing web application.

Core Concepts

Embedding Prismatic means your customers never leave your app to manage integrations. The flow is: • Your backend generates a short-lived signed JWT (10 min) authenticating the customer user • Your frontend calls prismatic.authenticate({ token }) with that JWT — never sign JWTs on the frontend • The frontend calls prismatic.showMarketplace(), prismatic.showWorkflows(), or another screen method to render an embedded iframe Before the JWT expires, the frontend re-fetches a fresh JWT from your backend and calls prismatic.authenticate({ token }) again. Existing iframes update automatically.

Critical Security Rule

JWT tokens MUST be signed on your backend using your private key. Never expose the private signing key to the frontend. The frontend only receives the signed JWT string from a backend API endpoint.

Signing Keys

Before any embedding can work, your organization needs a signing key. To check or create one: `bash

Discussion

0/2000
Loading comments...

Health Signals

MaintenanceCommitted Today
Active
AdoptionUnder 100 stars
21 ★ · Niche
DocsREADME + description
Well-documented

GitHub Signals

Stars21
Issues0
UpdatedToday
View on GitHub
MIT License

My Fox Den

Community Rating

Sign in to rate this booster

Works With

Claude Code

Related Skills

Openclaw MCP Server

MCP Server

dispatching-parallel-agents

Skill

systematic-debugging

Skill

requesting-code-review

Skill

View all Skills →