JWT Token configuration
Enabling JWT Token authentication
Go to the Administration menu and enable JWT Token in the Server configuration tab.
Configuring identity provider
- Create your JWT token; it must use a valid and secure secret (big enough)
You can use our template for the payload:
{"email": "example@emal.com", "firstName": "Test", "lastName": "User"}
In this template you can change or add attributes as you want, but you will then need to set the same attribute names in point 2
- Go to the Identity Providers tab and create a new configuration using the JWT Token details.
- Cookie name - is the name of the cookie that you will pass to your browser
- Email attribute - is the name of the email attribute in your JWT token, 'email' by default
- Team attribute - is the name of the team attribute in your JWT token, 'team' by default
- First name attribute - is the name of the first name attribute in your JWT token, 'firstName' by default
- Last name attribute - is the name of the last name attribute in your JWT token, 'lastName' by default
- Public key - must be specified if you have encrypted your JWT token (careful: this is not the Secret key).
- Secret key - the parameter specified when creating the JWT token; it must be large enough (256 bit) and secure, otherwise it will be considered invalid, e.g. on jwt.io:
Testing JWT Token authentication
In order to test your authentication, you'll need to:
- Create a JWT token on jwt.io or by any other method
Info
Encrypt it if you need to do so.
Which values to enter in the fields in the case of an encoded token:
- Private key - in the case of encryption, enter it in the Secret key field. The private key must begin with -----BEGIN PRIVATE KEY----- and end with -----END PRIVATE KEY-----. You can insert the key with or without these captions.
- Public key - in the case of encoding, enter it in the Public key field. The public key must begin with -----BEGIN PUBLIC KEY----- and end with -----END PUBLIC KEY-----. You can insert the key with or without these captions.
Info
You only need to specify the keys when encrypting.
- Insert your JWT token into your browser cookie, for example in Google Chrome:
- Press F12 on Windows or CTRL + SHIFT + C on Linux; you can also right-click on the page and click Inspect
- Choose Application -> Cookies on your website
- Add your cookie with your cookie name
- Insert your cookie name as the name and your JWT token as the value, example:
- Refresh your page
If you initially open the site with a customized JWT already passed via the cookie, you don't need to refresh the page; the token will already be used. In my example, I set up a manual JWT token substitution.