The JSON Web Token (JWT) is simply a JSON string containing claim values. The JWT Bearer grant handler evaluates and validates the claims in the JWT and issues an access token at the Authorization Server end.
...
```json
{
  "sub": "admin",
  "aud": [
    "https://localhost:9443/oauth2/token"
  ],
  "nbf": 1507546100,
  "iss": "jwtIDP",
  "exp": 1507606100,
  "iat": 1507546100,
  "jti": "Token56756"
}
```
The signature is calculated by base64url-encoding the header and the payload, concatenating them with a period as the separator, and signing the result:
```
Signature = sign(encodeBase64(header) + '.' + encodeBase64(payload))
```
The signature must then be base64url-encoded. The JWT assertion is generated by concatenating these three encoded values with a dot (".") as the separator.
```
assertion = encodeBase64(header) + '.' + encodeBase64(payload) + '.' + encodeBase64(signature)
```
...