GenerateJWTTokenVavle

Generates a JSON Web Token, JWT. Typically used in OpenID Connect scenarios.

Properties

Name Description Default value Mandatory Supports property expansion
subjectattribute Attribute holding the value put into the sub of the token. true true
keystore ID of the keystore used for signing the token true false
tokenattributes Any additional attributes to include in the token. Configuration shown in example below. false true

Example Configuration

{      
  "name": "GenerateJWTTokenVavle",
  "enabled": "true",
  "config": {
        "subjectattribute" : "<identifier to use>",
        "keystore" : "<id_of_keystore>",
        "tokenattributes":[{
                       "name":"<name_of_the_key_put_into_the token>",
                       "value":"<value_of_the_key_put_into_the token>"
                          }]
           }
}

Requirements

General information

Token TTL is 90 seconds.

Attributes always added to the payload are:

  • sub - the user identifier
  • iat - Issued at
  • nbf - Not before
  • exp - Expiration
  • jti - Token identifier

Sign algo is RS256.

Dates are formatted according to:

"

value representing the number of seconds from
      1970-01-01T00:00:00Z UTC until the specified UTC date/time,
      ignoring leap seconds.

"