Single login between your app and ClickFunnels courses
Let members sign in once to your OverSkill app and open their ClickFunnels 2.0 course without a second login, with the exact prompt to add it to an existing app.
If you sell ClickFunnels 2.0 courses or memberships and you're also building a member app on OverSkill, you probably don't want your members logging in twice — once to your app, and again to ClickFunnels. You don't have to.
ClickFunnels 2.0 has an official single sign-on (SSO) feature for its Customer Center, and your OverSkill app can use it. Members log in once — to your OverSkill app — and when they click Open my course,
they land inside their ClickFunnels course already logged in. No password, no second sign-in.
How it works
Your members log into your OverSkill app as usual. Inside the app, the Open my course
button is a special link your app generates on the fly. That link carries a signed token that ClickFunnels recognizes as a valid login, so the member is dropped straight into their Customer Center (you can even deep-link them into a specific course) already signed in.
One important direction to know up front: this logs members from your app into ClickFunnels — not the other way around. So the setup that works best is to make your OverSkill app the home base
your members sign into, with the course links handing them off to ClickFunnels.
Before you start
A few things have to be true for this to work:
- Your ClickFunnels plan includes SSO. The Customer Center SSO /
JWT Key
feature is a Dominate-plan feature. If you don't see the SSO section described below, that's usually why. - Members use the same email in both places. The email a member uses in your OverSkill app must match the email on their ClickFunnels contact record. If they differ, the login won't find the right person. It's worth telling members in your app:
use the same email you purchased with.
- The member already exists in ClickFunnels. SSO signs in an existing contact — it doesn't create one. For course buyers this is automatic (they exist because they bought).
Step 1 — Get your ClickFunnels JWT Key
- Log into ClickFunnels 2.0.
- Open the Site & Blog app in the left menu, then go to Customer Center.
- Find the Single Sign-On (SSO) section and copy the JWT Key.
Treat that JWT Key like an admin password — anyone who has it can log in as any of your members. Keep it private; you'll add it to your app as a secret (Step 3), never paste it into anything public.
Step 2 — Note your Customer Center domain
- If you have not connected a custom domain, use your default
yourworkspace.myclickfunnels.comaddress. - If you have connected a custom domain, use that one — including the
www.(for examplewww.courses.yourdomain.com).
Heads up: once a custom domain is connected, ClickFunnels turns SSO off on the default myclickfunnels.com address. So if you're on a custom domain, you must use the custom one everywhere.
Step 3 — Add it to your app
The easy way — start from the template. We publish a working example you can copy:
It already has the Open my course
button, a preview view that shows you the exact login link it generates, and a built-in setup guide. Remix it, paste in your JWT Key and domain from Steps 1–2, and it's live. (There's a live demo at https://cf2-course-access-bridge.overskill.app — it uses placeholder credentials, so the course link won't open a real course, but everything else is real.)
Adding it to an app you already have. Open your app's editor chat and paste this prompt (swap in your real domain):
Add ClickFunnels Customer Center single sign-on to this app.
- Create two secret environment variables:
CF2_SSO_JWT_SECRET(I'll paste the value) andCF2_SSO_DOMAIN(set it towww.mycoursesdomain.com).- Create a custom API endpoint at
GET /api/cf2-ssothat requires a logged-in user, mints an HS256 JWT signed withCF2_SSO_JWT_SECRETfor the logged-in user's email (payload:sub=EMAIL:DOMAIN,nbf,iat,exp= now + 300 seconds, and an optionalredirect_totaken from a?to=query param but ONLY if it starts withhttps://DOMAIN/), then 302-redirects tohttps://DOMAIN/sso?identifier=URLENCODED_EMAIL&strategy=email&token=<jwt>.- Add an
Open my coursebutton on the dashboard that links to/api/cf2-sso?to=https://DOMAIN/customers/...(my course URL).The JWT must be signed server-side in the endpoint handler — never expose the secret to the browser.
Then add your JWT Key as the CF2_SSO_JWT_SECRET secret when the builder asks for it. The builder handles the technical parts — you don't need to write any code.
Step 4 — Test it
- Sign into your OverSkill app as a member whose email exists as a ClickFunnels contact.
- Click your course button. You should land in the ClickFunnels Customer Center already logged in (dropped straight into the course if you set a course link).
- Sign out and confirm a logged-out visitor can't reach the login endpoint.
If the button bounces you back to a ClickFunnels login screen, the usual causes are: the JWT Key doesn't match, or you're using the default myclickfunnels.com address while a custom domain is connected (use the custom domain, including the www.).
What this doesn't do
- It's one-directional. It logs members from your app into ClickFunnels, not the reverse. A member already inside ClickFunnels would still sign into your OverSkill app normally (which supports quick email-code login, so it's still low-friction).
- It's a login handoff, not a shared session. Logging out of one system doesn't automatically log the member out of the other.
- It can't fix mismatched emails. A member who used one email in ClickFunnels and a different one in your app will need to line those up.
What to read next
- Connecting to the ClickFunnels API — for reading contacts, orders, and other live ClickFunnels data
- Building ClickFunnels + fulfillment apps — reacting to purchases and fulfilling orders
- Letting your users sign in — how login works in your OverSkill app