diff --git a/packages/ui/docs-bundle/src/pages/api/fern-docs/auth/api-key-injection.ts b/packages/ui/docs-bundle/src/pages/api/fern-docs/auth/api-key-injection.ts
index 29f5292056..6c6f1b700b 100644
--- a/packages/ui/docs-bundle/src/pages/api/fern-docs/auth/api-key-injection.ts
+++ b/packages/ui/docs-bundle/src/pages/api/fern-docs/auth/api-key-injection.ts
@@ -1,9 +1,9 @@
 import { OAuth2Client } from "@/server/auth/OAuth2Client";
-import { APIKeyInjectionConfig, getAPIKeyInjectionConfig } from "@/server/auth/getApiKeyInjectionConfig";
+import { getAPIKeyInjectionConfig } from "@/server/auth/getApiKeyInjectionConfig";
 import { getAuthEdgeConfig } from "@/server/auth/getAuthEdgeConfig";
 import { withSecureCookie } from "@/server/auth/withSecure";
 import { getXFernHostEdge } from "@/server/xfernhost/edge";
-import { OryAccessTokenSchema } from "@fern-ui/ui/auth";
+import { APIKeyInjectionConfig, OryAccessTokenSchema } from "@fern-ui/ui/auth";
 import { NextRequest, NextResponse } from "next/server";
 import { WebflowClient } from "webflow-api";
 import type { OauthScope } from "webflow-api/api/types/OAuthScope";
diff --git a/packages/ui/docs-bundle/src/pages/api/fern-docs/auth/jwt/callback.ts b/packages/ui/docs-bundle/src/pages/api/fern-docs/auth/jwt/callback.ts
new file mode 100644
index 0000000000..41e733a63e
--- /dev/null
+++ b/packages/ui/docs-bundle/src/pages/api/fern-docs/auth/jwt/callback.ts
@@ -0,0 +1,42 @@
+import { verifyFernJWTConfig } from "@/server/auth/FernJWT";
+import { getAuthEdgeConfig } from "@/server/auth/getAuthEdgeConfig";
+import { withSecureCookie } from "@/server/auth/withSecure";
+import { getXFernHostEdge } from "@/server/xfernhost/edge";
+import { NextRequest, NextResponse } from "next/server";
+
+export const runtime = "edge";
+
+function redirectWithLoginError(location: string, errorMessage: string): NextResponse {
+    const url = new URL(location);
+    url.searchParams.set("loginError", errorMessage);
+    return NextResponse.redirect(url.toString());
+}
+
+export default async function handler(req: NextRequest): Promise<NextResponse> {
+    if (req.method !== "GET") {
+        return new NextResponse(null, { status: 405 });
+    }
+
+    const domain = getXFernHostEdge(req);
+    const edgeConfig = await getAuthEdgeConfig(domain);
+
+    const token = req.nextUrl.searchParams.get("fern_token");
+    const state = req.nextUrl.searchParams.get("state");
+    const redirectLocation = state ?? `https://${domain}/`;
+
+    if (edgeConfig?.type !== "basic_token_verification" || token == null) {
+        return redirectWithLoginError(redirectLocation, "Couldn't login, please try again");
+    }
+
+    try {
+        await verifyFernJWTConfig(token, edgeConfig);
+
+        const res = NextResponse.redirect(redirectLocation);
+        res.cookies.set("fern_token", token, withSecureCookie());
+        return res;
+    } catch (e) {
+        // eslint-disable-next-line no-console
+        console.error(e);
+        return redirectWithLoginError(redirectLocation, "Couldn't login, please try again");
+    }
+}