White-Label Integration
Branded connection links via JWT
White-label integration allows you to generate branded connection links. Your clients connect social accounts through your branded page — they never see CodivUpload branding.
How It Works
- Go to Profiles → click Share on a profile
- Select platforms (multi-select supported)
- Configure branding: logo, redirect URL, title, description
- Optionally add YouTube BYOP credentials
- Click Generate Link → 48-hour JWT link created
- Share the link → client sees your branding
Customization Fields
| Field | Required | Description |
|---|---|---|
| Logo URL | Yes | Your company logo on the connection page |
| Redirect URL | Yes | Where the user goes after connecting |
| Page Title | No | Custom heading (default: "Connect Social Media Accounts") |
| Description | No | Custom description text |
| Button Text | No | Success button label (default: "Continue") |
| YouTube Client ID | No | For dedicated YouTube quota |
| YouTube Client Secret | No | For dedicated YouTube quota |
API Usage
# Generate JWT link via API
curl -X POST https://api.codivupload.com/v1/agency/profiles/generate-jwt \
-H "Authorization: Bearer YOUR_KEY" \
-d '{
"profile_name": "client_brand",
"platforms": ["youtube", "tiktok", "instagram"],
"logo_image": "https://yourdomain.com/logo.png",
"redirect_url": "https://yourdomain.com/success"
}'access_url is valid for 48 hours.Privacy & Compliance for White-Label
When your clients connect their social accounts through your branded page, their data is handled with the same security standards as direct CodivUpload connections:
Your client's OAuth tokens are encrypted (AES-256-GCM) and stored in your workspace. Neither you nor CodivUpload staff can see the raw tokens.
JWT links expire after 48 hours. If a link is leaked, it becomes useless after expiry. Tokens already connected remain valid.
Your responsibility: Inform your clients about the data you collect and how CodivUpload processes it. Include a link to your own privacy policy in the redirect_url flow.
YouTube BYOP credentials embedded in JWT links are encrypted in transit and never stored in the JWT itself — only a reference to the encrypted DB record.