Integrations
Table of contents

JSON web token

This family groups a set of actions related to JSON Web Tokens, the standard RFC 7519 method for representing claims securely between two parties.

Sign JSON web token

This action generates a JSON web token that can be created with both symmetric and asymmetric algorithms.

Input settings

Parameter Description
ID (required) Flow action ID. It can be used to reference output property values of this action.
Alias Short description of the action that will be displayed in the flow overview.
Secret or private key (required) String containing either the secret for HMAC algorithms, or the PEM encoded private key for RSA and ECDSA to create the JSON web token.
Algorithm (required) List of symmetric and asymmetric algorithms that can be used to encode the data.
Payload Data to encode. We recommend to format it according to OpenID standards.
Subject Use it to identify the principal that is the subject of the JWT.
Issuer Use it for the principal that issued the JSON web token (eg. sso.arengu.com).
Audience Use it to provide the recipients that the JWT is intended for (eg. admin.arengu.com).
Expires in Validity time. The time it takes for the JWT to expire.

Output object

Property Type Description
token String A JSON web token string.

Output object example

{
  "token": "eyJhbGciOiJIUzI1N..."
}

Verify JSON web token

This action verifies the JSON web token data, to check if it remains intact or has been modified, in order to guarantee its authenticity.

Input settings

Parameter Description
Token (required) JSON web token string that will be verified.
Secret or public key (required) String containing either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA to verify the JSON web token.
Issuer The issuer of the JWT that needs to be verified.
Audience The recipient audience of the JWT that needs to be verified.

Output object

Property Type Description
valid Boolean Returns true or false depending on whether or not the JWT has a valid signature.
cause String In case the valid property is false, it will display further information about the causes.
payload Object The decoded and valid JSON web token content.

Output object examples

{
  "valid": true,
  "header": {
    "alg": "HS256",
    "typ": "JWT"
  },
  "payload": {
    "sub": "1234567890",
    "name": "Jane Doe",
    "iat": 1516239022
  },
  "signature": "SflKxwRJSMe..."
}
{
  "valid": false,
  "cause": "invalid signature"
}