JWT

RE: JWT

udayasai — Wed, 19 Nov 2025 07:48:13 GMT

hi team,

looks like this plugin wont support in portals

RE: JWT

Appian AppMarket — Fri, 31 Jan 2025 23:00:00 GMT

v1.5.1 Release Notes

Upgraded transitive dependencies for jjwt library for Expression Evaluation fix.

RE: JWT

David Jimenez — Thu, 09 Jan 2025 12:55:38 GMT

Hi,

In version 1.5 of the plugin, the decodeJWT function has stopped working. I have tried with different tokens and different jwks, and it always returns the same error:

"Expression evaluation error : io/jsonwebtoken/SignatureAlgorithm"

I'm trying in version 24.3 and 24.4. Has there been any change in that function? Can you help us?

Thanks!

RE: JWT

Adrián Cámara — Thu, 09 Jan 2025 12:09:21 GMT

Hi,

In version 1.5 of the plugin, the decodeJWT function has stopped working. I have tried with different tokens and different jwks, and it always returns the same error:

Has there been any change in that function?

Thanks!

RE: JWT

Appian AppMarket — Wed, 18 Dec 2024 23:00:00 GMT

v1.5.0 Release Notes

Upgraded jjwt library for vulnerability fix.

RE: JWT

raquelrp66 — Mon, 04 Nov 2024 10:41:23 GMT

Hi,

has this function been updated? They have changed the input parameters, but I don't see any information.

decodeJWT (Function) - Given a JWKS registry URL and a token, retrieve the proper public key and validate the given token returning an string with the decoded token if signature is valid, null otherwise

Now, to validate a token I have to use the validatejwtsignature one? Any example of use?

RE: JWT

Appian AppMarket — Mon, 19 Aug 2024 22:00:00 GMT

v1.4.11 Release Notes

Updated createtokenwithcustomclaims to allow for custom headers to be provided as an input. This gives support to DPoP OAuth extension.

RE: JWT

Appian AppMarket — Thu, 06 Jun 2024 22:00:00 GMT

v1.4.10 Release Notes

The createtoken and createtokenwithcustomclaims functions now supports PKCS#8 (RSA only) private keys in addition to PKCS#1
The validatejwtsignature function now supports the RSA256 algorithm in addition to RSA512

RE: JWT

JJ Cañas — Wed, 08 May 2024 16:11:36 GMT

Hi Team,

I have seen that the decodeJWT function returns the decoded token but only if the signature is valid, otherwise it returns null.

Is there a way to decode a token without validating the signature? I mean, something similar to the jwtdecode function of the JWT Functions plug-in.

Thanks in advance.

RE: JWT

simonj0002 — Tue, 06 Feb 2024 15:52:01 GMT

Hello

I have a JWKS repository with a mutual authentification (mTLS)
I imported a client certificat in "Client Certificates" of the admin console (docs.appian.com/.../Appian_Administration_Console.html
It is now OK from a stantard appian integration object, I can get the list of certificats

But with the JWT plugin, I have this error :

Caused by: com.auth0.jwk.NetworkException: Cannot obtain jwks from url https://XXXXX/oauth2/v1/keys
at com.auth0.jwk.UrlJwkProvider.getJwks(UrlJwkProvider.java:139)
at com.auth0.jwk.UrlJwkProvider.getAll(UrlJwkProvider.java:145)
at com.auth0.jwk.UrlJwkProvider.get(UrlJwkProvider.java:163)
at com.appiancorp.cs.plugins.jwtTools.jwt.InvalidableCache$2.call(InvalidableCache.java:43)
at com.appiancorp.cs.plugins.jwtTools.jwt.InvalidableCache$2.call(InvalidableCache.java:38)
at com.google.common.cache.LocalCache$LocalManualCache$1.load(LocalCache.java:4876)
at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3528)
at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2277)
... 262 more
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

It looks like mTLS is not managed by the plugin (handshake_failure)
Can you confirm this and is it possible to upgrade the plugin?

RE: JWT

Appian AppMarket — Thu, 14 Dec 2023 23:00:01 GMT

v1.4.8 Release Notes

Updated jackson databind, jwks-rsa, and guava libraries. Added License File.

RE: JWT

Appian AppMarket — Thu, 30 Nov 2023 23:00:00 GMT

v1.4.7 Release Notes

Adding iat to createtoken and createtokenwithcustomclaims
Remove iss and aud when null

IMPORTANT

If upgrading from 1.4.4 or below and using the claims parameter with createtokenwithcustomclaims, you will need to refactor the usage. Version 1.4.5 added a new parameter "ver" before the "claims" parameter and functions use parameters in the order they are referenced.

RE: JWT

Appian AppMarket — Thu, 20 Jul 2023 22:00:56 GMT

v1.4.6 Release Notes

Updated the bouncycastle bcpkix and bouncycastle bcprov libraries.

RE: JWT

OscarPinel — Tue, 13 Jun 2023 08:51:54 GMT

I am trying to decode a token and I am receiving a null response. I am using the function decodeJWT() and in the parameter "jwksURL" I am using the same domain ( "">example.com/.../jwks.json" ) as when creating the token with the function "createtokenwithcustomclaims()".

I created the private key with format PKCS#1 and I put the token on jwt.io and nothing is wrong with it.

Any suggestions on what could be wrong?

RE: JWT

Appian AppMarket — Tue, 21 Feb 2023 22:59:14 GMT

v1.4.5 Release Notes

new "ver" header parameter for the createTokenWithCustomClaims Function as some specific systems require a "ver" header