JWT Functions

Overview

Allows for an additional layer of security using signed JWT. This plug-in may also be used to integrate with external systems using JWS.

Key Functionality and Features

  • jwtsign - Create a signed JWT using HS256, HS384, HS512, ES256, ES384, ES512, RS256, RS384, or RS512
  • jwtverify - Verify signed JWT
  • jwtgeneratesecretkey - Generate an Hmac-SHA key that can be used to sign a JWT using HS* algorithm
  • jwtdecode - Decode a JWT without verifying the signature

Uses JWTKs JJWT library: https://github.com/jwtk/jjwt

Anonymous
Parents
  • Release Notes - v2.0.0
    • Added support for JWKS
    • JWKS Uri will be derived from the token's issuer field concatenated with jwksPath from DecodeOptions

    New Decode Options:
    • jwksPath - Path to be appended in the issuer field to retrieve the JWKS
    • jwksUri - Override the entire Jwks Uri, if the URI is completely different from the issuer field
Comment
  • Release Notes - v2.0.0
    • Added support for JWKS
    • JWKS Uri will be derived from the token's issuer field concatenated with jwksPath from DecodeOptions

    New Decode Options:
    • jwksPath - Path to be appended in the issuer field to retrieve the JWKS
    • jwksUri - Override the entire Jwks Uri, if the URI is completely different from the issuer field
Children
No Data