This page simulates a SaaS application that has already authenticated the user. On page load, the server called the token endpoint and injected a signed JWT below. The chatbot widget reads this token and includes it on every API call — the user never touches it.
This value is server-rendered. A user editing it in DevTools cannot change
practice_id inside it — the signature will fail and the API returns 401.
Simulates logging in as a different practice user. Each switch calls
/auth/token server-side and re-renders the page with a new token.