Web SDK Authentication
The Web SDK provides two authentication methods for integrating Glean's search and chat capabilities into your application. Choose the method that best fits your deployment scenario and user requirements.
Authentication Methods
SSO Authentication (Default)
The default authentication method where users complete your organization's SSO login flow. When a user interacts with Glean components, they'll see a login button that opens an SSO authentication flow in a popup window.
Best for:
- Enterprise deployments where users have Glean accounts
- Internal applications and intranets
- Scenarios requiring SSO compliance
Configuration:
{
authMethod: "sso" // This is the default
}
Learn more about SSO Authentication →
Token-Based Authentication
Your server obtains authentication tokens from Glean's API and provides them to the Web SDK, eliminating the need for users to log in through the SSO flow. This enables seamless authentication for users who may not have Glean accounts or for anonymous access scenarios.
Best for:
- Public-facing applications where users don't have Glean accounts
- Seamless authentication without user interaction
- Anonymous or guest access to search functionality
- Documentation sites and marketing pages
Configuration:
{
authMethod: "token",
authToken: "GLEAN_AUTH_TOKEN_...",
onAuthTokenRequired: async () => {
// Fetch new token when current one expires
return newToken;
}
}
Learn more about Server-to-Server Authentication →
Quick Decision Guide
| Question | Answer | Recommended Method |
|---|---|---|
| Do your users have Glean accounts? | Yes | SSO Authentication |
| Do you want users to log in via SSO? | Yes | SSO Authentication |
| Do you need anonymous/guest access? | Yes | Token-Based Authentication |
| Are you building a public documentation site? | Yes | Token-Based Authentication |
| Do third-party cookies get blocked? | Yes | Token-Based Authentication (recommended) |
Getting Started
Installation
Choose your preferred installation method:
- NPM
- Script Tag
npm install @gleanwork/web-sdk
Then import in your application:
import GleanWebSDK from '@gleanwork/web-sdk';
// Or import specific methods
import { attach, renderSearchBox } from '@gleanwork/web-sdk';
Add the Web SDK script to your page's <head>:
<script
defer
src="https://{GLEAN_APP_DOMAIN}/embedded-search-latest.min.js"
></script>
The SDK will be available globally as window.GleanWebSDK or just GleanWebSDK.
Replace {GLEAN_APP_DOMAIN} with your Glean web app domain (typically app.glean.com or your-company.glean.com).
Basic Usage
Once installed, you can render Glean components with your chosen authentication method:
- SSO Auth
- Token Auth
// No auth configuration needed - SSO is default
GleanWebSDK.renderSearchBox(document.getElementById('search-container'), {
backend: 'https://{your}-be.glean.com/'
});
GleanWebSDK.renderSearchBox(document.getElementById('search-container'), {
authMethod: 'token',
authToken: yourAuthToken,
backend: 'https://{your}-be.glean.com/',
onAuthTokenRequired: async () => {
const response = await fetch('/api/get-glean-token');
const { token } = await response.json();
return token;
}
});
Third-Party Cookie Considerations
When third-party cookies are blocked in the user's browser, SSO authentication may not work reliably. In these cases, token-based authentication is required for the Web SDK to function properly.
See Third-Party Cookie Management for details.
Next Steps
- For standard enterprise deployments: Start with SSO Authentication to leverage your existing Glean SSO setup
- For public-facing sites: Explore Server-to-Server Authentication to provide seamless access without requiring user login
- Not sure which to choose? Review the detailed guides for each method to understand the implementation requirements
Related Documentation
Sources: