Identify customers
Attach Plandalf checkout sessions to logged-in users with email identity or signed JWT identity.
Identity lets Plandalf link purchases, resume sessions, and evaluate customer-aware gates.
Email identity
For low-risk flows, identify with an email.
plandalf.identify("jane@example.com");
plandalf.reset();
Warning
Email identity is not signed. A visitor with console access can call identify("someone@example.com"). Use a signed JWT when paid access or account ownership matters.
Signed JWT identity
Sign a short-lived JWT on your server and pass it to identify().
plandalf.ready((sdk) => {
sdk.identify(userJwt);
});
JWT payload:
{
"sub": "usr_123",
"email": "jane@example.com",
"name": "Jane Example",
"subscription": "sub_123",
"exp": 1711036800
}
Sign with an API key secret and include the API key preview or prefix in the JWT header as kid.
import jwt from "jsonwebtoken";
export function plandalfJwt(user) {
return jwt.sign(
{
sub: String(user.id),
email: user.email,
name: user.name
},
process.env.PLANDALF_API_KEY,
{
header: { kid: process.env.PLANDALF_API_KEY_PREVIEW },
expiresIn: "1h"
}
);
}
Per-call identity
Pass user to one checkout without changing the global browser identity.
await plandalf.present("pro-plan", {
user: customerJwt
});
Anonymous identity
If you do not call identify(), Plandalf still maintains an anonymous device ID in local storage. reset() clears the user token but preserves that anonymous ID.
Method names
Use identify() to set customer identity and reset() to clear it.
Related docs
Builder context
Move from SDK setup to the commerce surface.
SDK docs cover install, identity, gates, events, and React integration. The linked product surfaces show what the SDK is presenting or listening for.