Signing JWT Token in Rule with Tenant's Private Key

calqulate · May 23, 2020, 9:36am

Hello,

In the Redirect from Rule scenario, I understood that we need to sign the JWT token containing information being passed to the SPA. Must we create our own private/public key pair to do so, or can we use the existing Tenant’s private key to sign the token with?

Thank you

thameera · May 24, 2020, 2:09am

Hey @calqulate, the tenant’s private key cannot be accessed for this, so you need to either use your own key pair (in case of RS256) or your own secret (in case of HS256).

konrad.sopala · May 25, 2020, 7:14am

Thanks for providing that knowledge @thameera!

system · June 9, 2020, 7:14am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Can I generate a JWT token by using the application's private key inside the rule? JWT.io jwt , rules	3	3254	January 8, 2024
Would it be possible to sign a jwt token with a RSA public key? JWT.io spring-boot	2	3104	April 22, 2022
How to sign the JWT with private key from JWK(RS256) JWT.io	0	4174	September 3, 2019
Why do I need a private key to verify a JWT? JWT.io jwt , rs256	5	2230	March 18, 2024
How to forge an RS256 token with the Signing Key Help test , other	4	5916	June 9, 2023

Signing JWT Token in Rule with Tenant's Private Key

Related Topics