JWT

Overview

Generate and validate JSON web tokens for use in integrating and authenticating with external systems, using a JWKS registry to get public keys for token signature validation. The create token functions support encrypted private keys in either the PKCS#1 or PKCS#8 standard.

Key Features & Functionality

  • createtoken (Function) - Create a signed JSON web token with standard claims.
  • createtokenwithcustomclaims (Function) - Create a signed JSON web token with standard claims and additional custom claims that may be required for authentication with specific systems.
  • validatejwtsignature (Function) - Verify a received token against the issuing system's public key. Supports tokens signed with the RSA256 and RSA512 algorithms. Returns true if the token was verified.
  • decodeJWT (Function) - Given a JWKS registry URL and a token, retrieve the proper public key and validate the given token, returning a string with the decoded token if the signature is valid, or null otherwise.
  • createDocuSignRSAJWTToken (Function) - Generates a JWT that conforms to the specs of DocuSign.
Anonymous
  • You need to 'allow' the plugin to gain access to the secure credential store values. In the Admin Console, go to Integrations > Third-Party Credentials > open your secure credential you have the RSA key stored in. Under 'plugins', search for 'JWT', add it, and click save. That should do the trick.

  • Thanks. I wanted to know where we would actually enter the RSA Keypairs in this function? My code is exactly like your example. However, I receive the following: 


    Expression evaluation error at function fn!createdocusignrsajwttoken: This plug-in [jwtTools] is not registered to access secured values for the given external system key [docusign]. Check the external systems plug-ins list in the Administration Console.

  • Please refer to this response, it was what I had to do to get this working!

  • Were you able to figure out what was wrong? I am running into a similar issue when trying to pass in a value for the externalSystemKey parameter.

  • Hello, 

    I'm trying to use the function "createtoken" of this plugin, but I have an issue in creating the token.

    I have a private key like this

    -----BEGIN PRIVATE KEY-----

    <<MULTILINE DATA>>

    -----END PRIVATE KEY-----

    I have added the key in third party credentials, but then I receive the error: "Appian JWTTools failed to read private key"

    I tried to remove newlines but the error is the same.

    Any suggestions?


    Thx

  • Release Notes - v1.4.3
    • Security Updates
  • v1.4.2 Release Notes
    • Added a decodeJWT function that uses a JWKS registry to retrieve public keys for token signature validation
  • Raymond, you are absolutely right, I hadn't even thought about that piece! I was unintentionally omitting the 'exp' field, and that was the problem. I saw that the value would default in the .java file for it and leapt to conclusions, and failed to include a null parameter for it. Goes to show even after years of this the little things can still come back to bite you.

    For anyone else who runs into a similar issue, here is an example usage of the function:

    fn!createdocusignrsajwttoken(
      externalSystemKey: "docusign",
      iss: "XXXXXX-XXXX-XXXXX-XXXXX",
      alg: "RS256",
      typ: "JWT",
      aud: "account-d.docusign.com",
      scope: "signature impersonation",
      exp: "",
      sub: "XXXXXX-XXXX-XXXXX-XXXXX"
    )

    Thanks again!

  • Hello Will,

    Great that you like it, and happy to help here. The GUID in itself should not be the problem, I am using a similar GUID in my own use case. Are you perhaps passing this value into the exp field? Or, what might be the case, did you not include the exp (with a null value) in your call? Plugins will not handle named parameters as you expect them. It will simply map each parameter based on order and ignore the naming you specified. If you omitted exp: null in your call, it will think the value you entered for sub should go for the exp parameter, which expects an int, not a string.

  • Hello, thank you for the excellent plugin! I have run into one issue with the 'createdocusignrsajwttoken' that I think might be an issue within the plugin itself.

    When passing in a GUID for a user to the 'sub' parameter (example: "13c51b9b-be89-4506-b86b-19e3e2216909"), I get the following error:

    Expression evaluation error at function 'createdocusignrsajwttoken': The passed parameter(s) are of the wrong type. Received the type com.appiancorp.common.xml.JaxbConversionException: JAXB was not able to produce a value for typed value TypedValue[it=3,v=13c51b9b-be89-4506-b86b-19e3e2216909] as java class java.lang.Integer.

    I downloaded and looked at the source for this particular function, and it appears to be taking in a string, so perhaps I am doing something else wrong? Otherwise, this plugin is exactly what I need, so I hope you can help clear this up for me!