<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=2728387060522524&amp;ev=PageView&amp;noscript=1">
Skip to content
Contact us Customer support portal
  • There are no suggestions because the search field is empty.

URL integration

URL Integration is a way to embed parts of the Parashift frontend directly into your own application using a URL loaded inside an iframe. In simple terms: 👉 You show Parashift inside your webpage, without sending users to Parashift.

Overview

The URL Integration feature allows you to embed selected parts of the Parashift frontend directly into your own application using an iframe. This enables seamless integration of Parashift functionality, such as document viewing, file upload, and extraction validation inside a client webpage while maintaining secure authentication.

URL Integration is disabled by default and must be enabled per tenant.

Supported Applications

The following Parashift frontend components can be embedded:

  • Document Viewer

  • Upload File

  • Extraction Validation

Each component (referred to as an app) has its own configuration options, described later in this article.

Architecture & Authentication Flow

High-Level Flow

  1. The client webpage embeds the Parashift frontend using an iframe and passes a short-lived authentication token.

  2. The embedded frontend sends this authentication token to the id-api.

  3. The id-api validates the token and swaps it for a bearer token.

  4. The embedded frontend uses the bearer token to interact with the indi-api.

Token Lifecycle

  • The authentication token is short-lived (recommended: 1 minute).

  • The bearer token returned by Parashift is valid for 30 minutes.

  • The embedded frontend automatically refreshes the bearer token when required.

Authentication Token

Token Format

The authentication token is a JSON Web Token (JWT) signed with the client’s secret using the HS256 algorithm.

Required Claims

{
"exp": 1630000000,
"tenant_id": 1234
}
 
Claim Description
exp Expiration time (Unix timestamp, seconds). Recommended: now + 60 seconds
tenant_id Your Parashift tenant ID

⚠️ Security note:
Do not set long expiration times. Short-lived tokens reduce the risk if a token is intercepted.

Client Secret

  • The client secret is generated by the id-api when URL Integration is enabled.

  • It must be stored securely and treated like a password.

  • The same secret must exist in the Parashift tenant configuration.

Token Generation Example (Ruby)

Using the jwt gem:

 
require "jwt"

authentication_token = JWT.encode(
{
exp: Time.now.to_i + 60, # valid for 1 minute
tenant_id: 1234 # Your Parashift tenant ID
},
"i am the secret", # Client secret
"HS256"
)


Iframe Configuration

All integrations use the same base URL:

https://app.parashift.io/integration

Parameters are passed as query string values.

App: Document Viewer

Parameters

Attribute Required Description
app Yes viewer
auth Yes Authentication token
document_id Yes Parashift document ID

Example

<iframe
src="https://app.parashift.io/integration?app=viewer&auth=the.temporary.token&document_id=1234"
width="100%"
height="200px">
</iframe>


App: Upload File

Parameters

Attribute Required Description
app Yes upload
auth Yes Authentication token
classification_scope No Array of strings
custom_fields No Key-value object
document_type_id No Document type ID
external_id No External reference
is_batch No Boolean
not_for_training No Boolean
upload_configuration No String
validation_required No Boolean

Example

<iframe
src="https://app.parashift.io/integration?app=upload&auth=the.temporary.token"
width="100%"
height="200px">
</iframe>


App: Extraction Validation

Required Parameters

Attribute Required Description
app Yes extraction_validation
auth Yes Authentication token
document_id Yes Parashift document ID
options[viewer] Yes Viewer features (comma-separated)

Optional Parameters

Attribute Description
options[field_info] Field info features
options[table_input] Table input features
readonly Boolean

Viewer Options (options[viewer])

Comma-separated list of features:

  • left / right – viewer position (default: left)

  • jump_to_highlight

  • tokens

  • line

  • grid

  • sidebar

  • aggressive_highlight

  • passive_highlight

Field Info Options (options[field_info])

  • show_complete_validation_popup

  • field_status

  • text_zoom

  • field_help

  • prediction_confidence

  • recognition_confidence

  • whiteout_fields

Table Input Options (options[table_input])

  • new_line_on_enter

  • static_column_order

Example

<iframesrc="https://app.parashift.io/integration?app=extraction_validation&auth=the.temporary.token&document_id=1234&options[vierer]=left,tokens,line&options[field_info]=text_zoom,field_help&options[table_input]"width="100%"height="200px">
</iframe>

 

Enabling the Feature

  1. Open the Parashift Platform.

  2. Navigate to your Tenant Settings.

  3. Locate the URL Integration section.

  4. Click Enable URL Integration.

  5. Copy and securely store the generated client secret.

  6. Use this secret to sign authentication tokens.

  7. Pass the token as the auth query parameter in the iframe URL.

Disabling the Feature

  • URL Integration can be disabled at any time by clicking Disable URL Integration.

  • Once disabled, all existing iframe integrations will stop working.

Security Best Practices

  • Always use short-lived authentication tokens (recommended: 1 minute).

  • Store the client secret securely.

  • Rotate the secret if you suspect it has been compromised.

  • Use HTTPS exclusively when embedding iframes.