Information
  • Author: Appian Corporation
  • Type: Plug-in (Function & Smart Service)
  • Support: This plug-in or utility is not supported by the author. The content is free to use with a licensed product, but it is made available as-is and Community supported.
  • Industry: All Industires
  • Compatible Version(s): 22.2+, 24.1
  • First Released:
  • Last Updated:
  • Cost: Free
Resources
Share
Home » AppMarket » JWT

JWT

Overview

Generate and validate JSON web tokens for use in integrating and authenticating with external systems, using a JWKS registry to get public keys for token signature validation

Key Features & Functionality

  • createtoken (Function) - create a signed JSON web token with standard claims.
  • createtokenwithcustomclaims (Function) - create a signed JSON web token with standard claims and additional custom claims that may be required for authentication with specific systems.
  • validatejwtsignature (Function) - Verify a received token against the issuing system's public key. Returns true if token was verified.
  • decodeJWT (Function) - Given a JWKS registry URL and a token, retrieve the proper public key and validate the given token returning an string with the decoded token if signature is valid, null otherwise.

  • createDocuSignRSAJWTToken (Function) - Generates a JWT that conforms to the specs of DocuSign.

Anonymous
Parents

  • Hello Will,

    Great that you like it, and happy to help here. The GUID in itself should not be the problem, I am using similar GUID in my own use case. are you perhaps passing this value into the exp field? Or, what might be the case, did you not include the exp (with a null value) in your call? Plugins will not handle named parameters as you expect them. It will simply map each parameter based on order and ignore the naming you specified. If you omitted exp: null in your call, it will think the value you entered for sub should go for the exp parameter, which expects an int, not a string.

  • in reply to Raymond Braakhekke

    Raymond, you are absolutely right, I hadn't even thought about that piece! I was unintentionally omitting the 'exp' field, and that was the problem. I saw that the value would default in the .java file for it and leapt to conclusions, and failed to include a null parameter for it. Goes to show even after years of this the little things can still come back to bite you.

    For anyone else who runs into a similar issue, here is an example usage of the function:

    fn!createdocusignrsajwttoken(
  externalSystemKey: "docusign",
  iss: "XXXXXX-XXXX-XXXXX-XXXXX",
  alg: "RS256",
  typ: "JWT",
  aud: "account-d.docusign.com",
  scope: "signature impersonation",
  exp: "",
  sub: "XXXXXX-XXXX-XXXXX-XXXXX"
)

    Thanks again!

  • in reply to Will Ruck

    It works now! Thanks a lot for your help .

  • in reply to virenp

    Close! Below is what my setting looks like. You only want to have the Private Key in that field, not the public and private.

  • in reply to Will Ruck

    Ah okay, I have added JWT. My key in the credentials is named appianprivatekey with both the public and private keys pasted as the values. Is this the correct way to do it? Because currently I'm getting "Appian JWTTools failed to generate JWT Token". Thanks!

Comment Children
© 2024 Appian. All rights reserved.
We want to hear from you! Submit a review on Gartner or G2.