JWT Functions

Overview

Allows for an additional layer of security using signed JWT. This plug-in may also be used to integrate with external systems using JWS.

Key Functionality and Features

  • jwtsign - Create a signed JWT using HS256, HS384, HS512, ES256, ES384, ES512, RS256, RS384, or RS512
  • jwtverify - Verify signed JWT
  • jwtgeneratesecretkey - Generate an Hmac-SHA key that can be used to sign a JWT using HS* algorithm
  • jwtdecode - Decode a JWT without verifying the signature

Uses JWTKs JJWT library: https://github.com/jwtk/jjwt

Anonymous
Parents
  • Hi John,

    Thanks for this contribution.

    Just one issue/ feedback which we found while using this so far:

    In the token options data type, which is one of the input in "jwtsign" function, it seems the plugin is ignoring the "kid" field of the token options data type while building the JWT token.

    Can this be fixed as we need this attribute for token authentication purposes?

    Thanks!

Comment
  • Hi John,

    Thanks for this contribution.

    Just one issue/ feedback which we found while using this so far:

    In the token options data type, which is one of the input in "jwtsign" function, it seems the plugin is ignoring the "kid" field of the token options data type while building the JWT token.

    Can this be fixed as we need this attribute for token authentication purposes?

    Thanks!

Children