Management/Projects

External Token (Beta)

Descope's External Token feature enables hybrid authentication by allowing you to keep using your existing token format and infrastructure, while still leveraging Descope Flows for identity orchestration. At the end of a Descope Flow, you can generate a custom external token that integrates seamlessly into your current backend setup—whether it's a legacy system, API gateway, or existing session logic. This allows you to modernize authentication with Descope without overhauling your token validation or authorization mechanisms.

Configure Token Connector

The first step to setting up an External Token is to configure an External Token connector in the Descope Console. Descope provides several prebuilt connectors that generate tokens compatible with specific platforms such as Firebase or Supabase. Alternatively, you can use the Generic HTTP Token connector to generate tokens in a custom format that works with your existing backend or API infrastructure.

Follow our External Token connector guides for connector configuration.

Enable the External Token Connector

In your project's settings under Session Management, locate the External Token section and choose the connector that you previously configured.

External token connector selection in project settings

Once the connector is enabled, an external token will be included in the authentication response when the flow runs. Here's an example using the Flow Runner:

External token in response after flow runner

Was this helpful?

Project Dashboard

Learn how to use the Descope Project Dashboard to monitor user activity, tenant metrics, and flow analytics for your authentication project.

Multi-Region Support

Learn how to use Descope with multi-regional support

On this page