This family groups a set of actions related to JSON Web Tokens, the standard RFC 7519 method for representing claims securely between two parties.
Sign JSON web token
This action generates a JSON web token that can be created with both symmetric and asymmetric algorithms.
Input settings
Parameter |
Description |
ID (required) |
Flow action ID. It can be used to reference output property values of this action. |
Alias |
Short description of the action that will be displayed in the flow overview. |
Secret or private key (required) |
String containing either the secret for HMAC algorithms, or the PEM encoded private key for RSA and ECDSA to create the JSON web token. |
Algorithm (required) |
List of symmetric and asymmetric algorithms that can be used to encode the data. |
Payload |
Data to encode. We recommend to format it according to OpenID standards. |
Subject |
Use it to identify the principal that is the subject of the JWT. |
Issuer |
Use it for the principal that issued the JSON web token (eg. sso.arengu.com). |
Audience |
Use it to provide the recipients that the JWT is intended for (eg. admin.arengu.com). |
Expires in |
Validity time. The time it takes for the JWT to expire. |
Output object
Property |
Type |
Description |
token |
String |
A JSON web token string. |
Output object example
{
"token": "eyJhbGciOiJIUzI1N..."
}
Verify JSON web token
This action verifies the JSON web token data, to check if it remains intact or has been modified, in order to guarantee its authenticity.
Input settings
Parameter |
Description |
Token (required) |
JSON web token string that will be verified. |
Secret or public key (required) |
String containing either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA to verify the JSON web token. |
Issuer |
The issuer of the JWT that needs to be verified.
|
Audience |
The recipient audience of the JWT that needs to be verified.
|
Output object
Property |
Type |
Description |
valid |
Boolean |
Returns true or false depending on whether or not the JWT has a valid signature. |
cause |
String |
In case the valid property is false , it will display further information about the causes. |
payload |
Object |
The decoded and valid JSON web token content. |
Output object examples
{
"valid": true,
"header": {
"alg": "HS256",
"typ": "JWT"
},
"payload": {
"sub": "1234567890",
"name": "Jane Doe",
"iat": 1516239022
},
"signature": "SflKxwRJSMe..."
}
{
"valid": false,
"cause": "invalid signature"
}