Website Platform Login

Foundations

Integrations Core Concepts Integration Landscape Permissions

Identity Forwarding

Guides

Data Integration Guide Guide: Cost & Effort Guide: Data Quality

Guide: On-Premise Guide: Permissions Integration Guide

Connectors

Overview Microsoft 365 Google Workspace Jira & Confluence

Databases

No-Code

Overview Make Integration n8n Power Automate

Data Pools (RAG)

Custom Data Preparation Pipelines

Custom MCP

Custom MCP Server Building MCP Tooling

Custom AI Apps

App Building Tools

Security & Authentication Proxy

Data Vault (on Premise)

Prerequisites & Setup Create DataVault Local Deployment Custom Certificate Authority

Security and Compliance

Website Platform Login

User Guide Prompting Guide Admin Guide Rollout Guide Privacy & Security Integrations API

Identity Forwarding

Delegated authentication context propagation to third-party systems via meinGPT JWT

With JWT Identity Forwarding, meinGPT passes a signed JWT to third-party systems so they can securely evaluate user context.

This pattern is currently used in two areas:

Custom AI Apps (iframe)
Custom MCP Servers (header forwarding)

How it works

meinGPT creates a signed JWT with user and organization claims
The token is forwarded to the target system
The target verifies the signature via the JWKS endpoint
It applies permissions/scopes based on token claims

Transport variants

Custom AI Apps: Token in URL hash (#token=...)
Custom MCP Servers: Token in X-meinGPT-JWT header

Claims (subset)

sub
email
username
aud
organizationName
role
teams

Verification

Public keys are available per organization via JWKS:

https://app.meingpt.com/api/custom-apps/v1/jwks/{organizationId}

Related docs

Security & Authentication Proxy
Custom MCP Server

VPN

Classic VPN tunnel for strictly isolated networks

Data Integration Guide

Find the right integration type for different data categories

On this page

How it works Transport variants Claims (subset)Verification Related docs