Auth0 Home Blog Docs

Understanding what is the process of "secret base64 encoded" when user click on the tick button

Hi my name is tapan,

i am facing some issue in the JWT token create.
i don’t know what is the process of how to secret base64 encoded.

below code give me string which is created without tick button on your website.

HMACSHA256( base64UrlEncode(header) + “.” + base64UrlEncode(payload), )

now my issue is i got correct token string after tick that check box. so, can you please explain which algorithm you are using to encode the token.

i also attached some of the screen shot. please check it out for your understanding.

Hi @tapan8716,

Welcome to the Auth0 Community Forum!

The secret is used to create the signature, which is then encoded using base64.

There are many libraries you can use to base64 encode and decode, and which you choose will depend on the language you are working with.

Hope this helps!

yes, I know that but what I am facing. I have developed a code and successfully generated a token in my local area. but that token is not accepted by my third party API. check my first and second screenshots both token are same.
the same way I generated token from the JWT.IO website and tick the “secret base64 encoded” at that time token is creating different and I that token is correct which the third party API accepts. I am not sure what I am missing to creating a token like my third screenshot.

let me know if you have any idea.

Can you post the code you are using to generate your token?

i have used MVC webAPI for generating token and my code is below.

var payload1 = new
{
iss = “HbVBd62ECqYcTLgr8009ihp8YiFernAy”,
exp = 1582957546
};

string tapantest = JsonWebToken.Encode(payload1, “aqF5DsZDGmQ2dWC1QG5R9mHlOdx8aaU8”, JwtHashAlgorithm.HS256);

JsonWebToken.txt (6.9 KB)

this is JSON web token class which I used in my project for generating token.

let me know if i need to change my code.

@tapan8716

If you decode the secret and uncheck the box you don’t get the right signature?

no, i added secret and check the box then after i getting wrong signature. i am not working on decode part. i want to just encoded correct string which i maintain above.

I found this explanation if that helps:

it is possible to schedule a call for resolved my issue. because I want to resolve it in two days. if yes then add me on skype and just drop a message.

My skype ID Is : sepldev4@gmail.com

I sent you a DM

Have you considered using an existing library for building your JWTs?