<iframe>, with none of the Filed app’s sidebar or top bar. This
is a different integration path from the rest of these guides: instead of
calling the GraphQL API yourself, you send the visitor’s browser to a Filed URL
that signs them in and renders the binder UI directly.
This is a UI embed, not a GraphQL operation. The visitor’s browser (inside the
iframe) authenticates with a cookie, not a
Bearer header, so none of the
requests here go through your own backend.1. Get a workspace token
Exchange an API key for aworkspaceToken exactly as described in
Authentication: call
exchangeSurfaceRefreshTokenForAccessTokens from your server, and keep the API
key itself on your server. Never send the API key to the browser, only the
short-lived workspaceToken.
2. Build the sign-in URL
Point the iframe’ssrc at /sign-in/token on the Filed app domain, with the
token and the embed path you want the visitor to land on:
The
workspaceToken from step 1. Must decode to a payload containing a
workspaceId claim, otherwise the visitor is sent to the sign-in page instead.Where to send the browser after the cookie is set. Must be a same-origin
relative path starting with
/ (not //), URL-encoded since it contains /.
For an embed, this is the binder path from step 3./sign-in/token also accepts a user_token parameter for a different, unrelated
flow: signing in as a specific user rather than pinning a workspace. It is not
used for embedding the binder.3. Point the iframe at the embed path
redirect should point at the chromeless binder:
/docs, /forms, or
/leads2 to land on a specific tab; the bare path redirects to /docs.
Token expiry
Like everyworkspaceToken, the one used here expires after about 30 minutes.
When it does, the binder shows its own “session expired” state inside the
iframe rather than redirecting out (there is nowhere sensible to redirect an
iframe to on another site). Mint a fresh workspaceToken, build a new
/sign-in/token URL, and reload the iframe’s src to recover.
Next steps
- Authentication: review how API keys,
workspaceTokens, and access levels work in Authentication. - Browse the binder over the API: to read binder data yourself (files, missing items, search) instead of embedding the UI, see Browse a client’s binder.