AnsweredAssumed Answered

Creating and Using a JWT

Question asked by ThinkSoft on Feb 6, 2018
Latest reply on Aug 7, 2018 by bendouglas

I'd like to create a JWT natively inside the record that's used to initiate a "something" for a period of time on - could be an api that's available only for an hour or what ever...

A JSON Web Token is essentially a three part string; using dot notation between each section - each is base64URL encoded prior to concatenation.

  • Header - JSON object - with no whitespace in the unquoted sections of the object.  "Spaces" are explicitly allowed in the value portion of the KVP.

 

  • Claim - JSON object - with no whitespace in the unquoted sections of the object.  "Spaces" are explicitly allowed in the value portion of the KVP.   Within this object are several elements such as the issuer, the topic, the start timestamp and the expiry timestamp ( both in UNIX format )

 

  • Signature - and HMAC SHA256 encrpyted keyed object on the concatenation of the header and payload.
    HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), key)

 

Has anyone actually got this to work in either DATABASE record, Script or retrieving a JWT from a service?

Outcomes