Overview
Allows for an additional layer of security using signed JWT. This plug-in may also be used to integrate with external systems using JWS.
Key Functionality and Features
Uses JWTKs JJWT library: https://github.com/jwtk/jjwt
Hi John,
Thanks for this contribution.
Just one issue/ feedback which we found while using this so far:
In the token options data type, which is one of the input in "jwtsign" function, it seems the plugin is ignoring the "kid" field of the token options data type while building the JWT token.
Can this be fixed as we need this attribute for token authentication purposes?
Thanks!
Hi John.
Thanks a lot, I added the private key and it is working.
Thanks !!
Hi Jonathan,
The problem is you have an invalid key. If you will be generating your own key, you can use tools such as openssl or similar.
You may check this https://gist.github.com/ygotthilf/baa58da5c3dd1f69fae9.
Your private key should look something like this:
What you'd want to do then is to get the whole key, remove the newline characters, and save that in your SCS.
Then you can use the key in your expression.
Note: you don't need to put IAT in your payload, this is automatically added.
I'm not sure what your use-case is, if you really need to use RS256 (asymmetric), but a simpler way is using HS256 (symmetric). You just need to generate a random string as your secret (you may use jwtgeneratesecretkey) and store in your SCS.
Thanks
This is the expression.
Related with private key, I don't know how to create it exactly, I was trying to fix the shown errors and at the end I only created third party credentials in admin console as follows.
Should I do something else ?
Can you share the expression you're using? Also, how did you generate the private key?
Should I configure something in our environment in order to use this plug-in ?
I already created third party credentials in admin console and I'm using that key in "secretOrScsKey" parameter, but it is retrieving the following error.
I'm trying to use RS256
Thanks in advance.
Hi sid,
I just submitted a new version, you should expect this in a few days.
Not sure if it helps, but I also added new parameters to TokenOption and DecodeOptions: scsKeyId.
This should automatically add the scs key and field as your "kid" when signing, and use the "kid" to get the scs key and field when verifying.
Thanks for your response. Just wanted to check if you get a chance to get the plugin updated as per the request above?
Thanks,
Siddharth
Hi siddharthg837,
Thanks for bringing this up. I'll see if I can check this over the weekend and provide an update for the plugin.