JWT

JSON Web Token can be used to authenticate calls with iHub.

Open

Algorithm

Choose a algorithm that the remote system supports

• HS256

• HS384

• HS512

• RS256

Secret / Private Key

Enter a key usually the format is PEM with PKCS#8 or PKCS#1/ OpenSSL

Encode secret with Base64

In some cases you need to encode the secret in base64 before sign, select this option is that is the case.

Claims

Enter all the claims needed to perform the authentication.

Example a google Claim

Special variable are used in iat and exp to set the expire and issuer time.

{{currentTimeSeconds}} = Now in seconds, {{plus currentTimeSeconds 1200}} = Now in secods + 1200 seconds (20 minutes).

Utilize {{variables}} for dynamic values that comes from incoming payload or previous calls. Like accessing the issue key {{issue.key}} or the account id of a user {{issue.fields.reporter.accountId}}. Check the Full Scope tab on the Execution log to see what data you can use.

Header Prefix

When this is set the JWT token will be prefixed with the value entered in the field.

Default is Bearer this will generate a Authorization: Bearer JWT_TOKEN header.

Some systems might require another prefix or no prefix, change this accordingly to the remote system preferences.

Use JWT as scope variable instead of authorization header

Check this if you do not want the JWT to be added as a Authorization header but instead added to the variable scope and be accessed on current action or any child actions.

This is normally done where you need to exchange the JWT to an access token before making the call.

One example is Google where you need to generate a JWT token then send it to the auth endpoint to get an access token back which in turn can be used to do the actual call to the Google services.

Examples

https://rixter.atlassian.net/wiki/spaces/RIFJ/pages/1544880133