Overview
Allows for an additional layer of security using signed JWT. This plug-in may also be used to integrate with external systems using JWS.
Key Functionality and Features
Uses JWTKs JJWT library: https://github.com/jwtk/jjwt
Hi John,
Thanks for this contribution.
Just one issue/ feedback which we found while using this so far:
In the token options data type, which is one of the input in "jwtsign" function, it seems the plugin is ignoring the "kid" field of the token options data type while building the JWT token.
Can this be fixed as we need this attribute for token authentication purposes?
Thanks!
Hi siddharthg837,
Thanks for bringing this up. I'll see if I can check this over the weekend and provide an update for the plugin.
Hi John.
Thanks a lot, I added the private key and it is working.
Thanks !!
Hi Jonathan,
The problem is you have an invalid key. If you will be generating your own key, you can use tools such as openssl or similar.
You may check this https://gist.github.com/ygotthilf/baa58da5c3dd1f69fae9.
Your private key should look something like this:
What you'd want to do then is to get the whole key, remove the newline characters, and save that in your SCS.
Then you can use the key in your expression.
Note: you don't need to put IAT in your payload, this is automatically added.
I'm not sure what your use-case is, if you really need to use RS256 (asymmetric), but a simpler way is using HS256 (symmetric). You just need to generate a random string as your secret (you may use jwtgeneratesecretkey) and store in your SCS.
Thanks