Articles on: Maps & Integrations

Third-Party Integrations

Third-Party Integrations — Overview & Best Practices


Creative Job Hub integrates with several third-party services to expand capabilities (maps, push notifications, payments, analytics). This article describes the common integrations, where to configure them, and security best practices.


Common third-party integrations

  • Mapbox — Map tiles, styles and geocoding. Configure per-tenant public tokens under Settings → Integrations → Mapbox Configuration. Use server-side calls for secret tokens when needed. :contentReference[oaicite:23]{index=23}
  • Push notifications (APNs / FCM) — For native mobile apps and PWAs (where supported), configure push provider credentials at the tenant or backend level. Ensure device tokens are managed and rotated properly.
  • Payments (Stripe etc.) — CJH includes support for payments (the repo includes stripe in dependencies), and the Payments UI shows payment and deposit flows. Payment secrets must be server-side only; the client should only receive/hold public tokens or client tokens generated server-side. :contentReference[oaicite:24]{index=24} :contentReference[oaicite:25]{index=25}
  • Analytics & Monitoring — Integrate analytics providers to capture app events, errors, and usage metrics. Keep customer-identifying data redacted in analytics if required by privacy policies.


Where configuration lives

  • Tenant-level integrations are managed in the Integrations screen (Mapbox, push credentials, payment connectors). Server-side secrets (API keys, Stripe secret keys, push provider credentials) should be stored securely in server-side configuration or secret managers — do not place them in the frontend. :contentReference[oaicite:26]{index=26}


Security & secret handling

  • Public vs secret tokens: Use public tokens for client-side operations (map tiles). Use secret tokens and server-side endpoints for sensitive operations (charging cards, server-side geocoding if using secret tokens). Never store secret tokens in frontend code or repository.
  • Rotate secrets regularly and store them in a secret manager (Vault, cloud provider secrets). For tenant-level secrets, keep an audit trail of changes.


Integration testing & troubleshooting

  • Mapbox: Validate tokens and check console/network tile requests for 401/403 errors.
  • Push: Validate device registration flows and test with a small pilot before rolling out.
  • Payments: Run sandbox/test transactions and verify deposits / estimate linkages show up in the Payments UI (deposits are shown as deposit badge and linked to estimates). :contentReference[oaicite:27]{index=27}


  • Per-tenant tokens for services that charge per request or per usage to isolate costs. :contentReference[oaicite:28]{index=28}
  • Monitoring & alerts for failed push or payment batches.
  • Documented owner contacts for tenant tokens so an admin can rotate or revoke tokens quickly in case of compromise.






Updated on: 10/01/2026

Was this article helpful?

Share your feedback

Cancel

Thank you!