Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The JSON Web Token (JWT) is simply a JSON string containing claim values. The JWT Bearer grant handler evaluates and validates the claims in the JWT token and then issues an access token at the Authorization Server end.

...

Code Block
languagegroovy
titleSample payload
{  
   "sub":"admin",
   "aud":[  
      "https://localhost:9443/oauth2/token"
   ],
   "nbf":1507546100,
   "iss":"jwtIDP",
   "exp":1507606100,
   "iat":1507546100,
   "jti":"Token56756"
}


Generating the JWT assertion

  1. Deriving the signature.
    1. Encode the header and the payload separately using a base64 URL.
    2. Concatenate the encoded header and payload with a period and sign it to generate the signature.

      Code Block
      Signature = sign(encodeBase64(header) + '.' + encodeBase64(payload))
  2. . Encode the signature using base64 URL encoding.
  3. Generate the JWT assertion by concatenating the values of the base64 URL encoded header, payload, and signature using a dot "." as the separator.

    Code Block
    assertion =  encodeBase64(header) + '.' + encodeBase64(payload) + '.' + encodeBase64(signature)

 The result is as follows:

...