Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Json Web Token - JWT

To access a integration in iHub using a JWT the user must setup a JWT Trigger.

This is done by toggle the JWT option on under webhook triggers.

JSON Web Tokens consist of three parts separated by dots (.), which are:

  • Header

  • Payload

  • eSignature

Therefore, a iHub JWT looks like the following.

xxxxx.yyyyy.zzzzz

The JWT token is then exchanged to a bearer which will be the short lived token that authenticate and triggers the integration flow.

image-20240529-070325.png

RSA 256 Key Pair

First generate a RSA Key pair and download the the key, once downloaded the key can not be recovered if lost. Only option if the key is lost is to generate a new key.

The downloaded file will contain the information needed to exchange the JWT to a Bearer token.

Sign the JWT token

To sign the JWT token use the header and payload.

Header

{
  "alg": "RS256",
  "typ": "JWT"
}

Payload

{
	"iss": "client_id_from_atlassian",
	"sub": "flow_id",
	"aud": "https://ihubprod.rixter.net/token",
	"iat": currentTimeSeconds,
	"exp": plus currentTimeSeconds 1200,
}

Output from the signed will be xxxxx.yyyyy.zzzzz

Exchange the JWT to Bearer

To exchange the JWT to a short lived bearer token,

POST to https://ihubprod.rixter.net/incoming/token

Body: 

{
    "grant_type":"urn:ihub:jwt:bearer",
    "assertion":"{{JWT}}"
}

Replace the {{JWT}} with the signed token from above step.

This URN structure indicates:

  • urn: Namespace denoting a Uniform Resource Name

  • ihub: Identifies the IHub system

  • jwt: Specifies a JSON Web Token (JWT)

  • bearer: Indicates the token type is bearer

Response

If valid it will return a body like below

{
	"access_token": "0AY_VpZg4WI2L0VYjXAc9ccwpNwj2TYbAJ-p_o2pCHHXWGK1N_ADhZ93y0e2REPitoJkbWs-VsEby0pTQXj1tP-5Wh8RTgbqKY343JvMhU_5EKf1vwXA8jUXeANWte-om4yGBIxbI7CUodb1hOfRuIw23RdSHHvvUWsKraffuJ0xpOr5sLTzc3NAdsak4Xjc8IjujDMoHDoEqECzL12CCCrVnkiDuGPN4TNnLbBPnqM91L-6a5WlC-bD3EetEmW7lS3R0GK7HLexgMiAwhKc9EXIaV3v_nwJZp2STQZcxc8Q4YcqCtKgOsSfrPb87MQ3z2FE2sBOmhIziLBS5WifWvYaBhWcyvxifWxj5aw7Ad0GvKRQzsbdP2GwGN385D42jpSupk9oxui84wuq6wr9bRsWagYwQjto-x2y7gZwyrMVyQpBOy_3QhhIY32Xw6vJoOj-2ypRWaIXnhzUyfJkfJv5j_4a8F_grpI9wigVS1X5cdkIBiis-ZuvYvkx8fIJ0nn59bFsomi1qvJ9pMyWByVZ4w2yeyuso7-Q2qRX0jrWbRrOsOMsl5xQoOZYZRm-bFz66ynd-3q50qjcr2QtdQy_ZXcQSZ1bkQjwio7x0jz_Yptn9Bfl2geOeioze__d-_9xd1ZZMwixbYvWuxklh8hvakVyIkc9ZfBMo5dMen6l89Wy0tsq5-65zvB8SZyfk-qikWic_ouVo26kJ1Xe-ni36dxxzoxM-Vu4Wuq3kJ58QhVcUhj9m6zzk866trqqJnx28cBJQ9ofhf8BjcOilO-bt8dJV-ZrRS2-vyFZq9_1d9tvMZe6WJ1JoVbQx7tne_7S8y3Jn2n3Frc18loQ9__Ye_5ic04ed367srWvi-1ojYbOM79hy5mnu2VMU6isFz_hUVqqj5Z-xXZIsQ02vW0g_uIltq85waObt8wYziv4lZU--UUZ1h72McynvY81gqQlB4uVIb6Sp_XprXYtgIOsIYkuQsp7so9ls4Rl7l52Zdkd1W29IF2w",
	"token_type": "Bearer",
	"expires_in": 3599
}

Use the Bearer token

To trigger the flow send the request to https://ihubprod.rixter.net/incoming/webhook with the http header Authorization: Bearer {{access_token}}

In this call you will include any data that the integration will process.

  • No labels