This family groups a set of actions related to JSON Web Tokens, the standard RFC 7519 method for representing claims securely between two parties.
Sign JSON web token
This action generates a JSON web token that can be created with both symmetric and asymmetric algorithms.
Input settings
| Parameter |
Description |
| ID (required) |
Flow action ID. It can be used to reference output property values of this action. |
| Alias |
Short description of the action that will be displayed in the flow overview. |
| Secret or private key (required) |
String containing either the secret for HMAC algorithms, or the PEM encoded private key for RSA and ECDSA to create the JSON web token. |
| Algorithm (required) |
List of symmetric and asymmetric algorithms that can be used to encode the data. |
| Payload |
Data to encode. We recommend to format it according to OpenID standards. |
| Subject |
Use it to identify the principal that is the subject of the JWT. |
| Issuer |
Use it for the principal that issued the JSON web token (eg. sso.arengu.com). |
| Audience |
Use it to provide the recipients that the JWT is intended for (eg. admin.arengu.com). |
| Expires in |
Validity time. The time it takes for the JWT to expire. |
Output object
| Property |
Type |
Description |
| token |
String |
A JSON web token string. |
Output object example
{
"token": "eyJhbGciOiJIUzI1N..."
}
Verify JSON web token
This action verifies the JSON web token data, to check if it remains intact or has been modified, in order to guarantee its authenticity.
Input settings
| Parameter |
Description |
| Token (required) |
JSON web token string that will be verified. |
| Secret or public key (required) |
String containing either the secret for HMAC algorithms, or the PEM encoded public key for RSA and ECDSA to verify the JSON web token. |
| Issuer |
The issuer of the JWT that needs to be verified.
|
| Audience |
The recipient audience of the JWT that needs to be verified.
|
Output object
| Property |
Type |
Description |
| valid |
Boolean |
Returns true or false depending on whether or not the JWT has a valid signature. |
| cause |
String |
In case the valid property is false, it will display further information about the causes. |
| payload |
Object |
The decoded and valid JSON web token content. |
Output object examples
{
"valid": true,
"header": {
"alg": "HS256",
"typ": "JWT"
},
"payload": {
"sub": "1234567890",
"name": "Jane Doe",
"iat": 1516239022
},
"signature": "SflKxwRJSMe..."
}
{
"valid": false,
"cause": "invalid signature"
}
