Comment: Published by Scroll Versions from space WAPIMGMNT232 and version 24.0

The JWT Policy validates JSON Web Tokens (JWT) against a signing key or a JSON Web Key Set (JWK(S)) that you provide. You can also require claims and strip them to forward them as headers to the backend API.

Configuration Options

Basic Configuration

| Option | Description | Possible Values | Default |
|---|---|---|---|
| Signing Key or URL to a JWK(S) | Specify a Base-64 encoded signing key or a URL to a JWK(S) to validate JWT. | a Base-64 encoded string or a URL to a JWK(S) | FQDN path automatically set for your PAS installation |
| Key ID (kid) of JWK(S) | Specify the key id of the JWK(S) in this field if you provided a JWK(S) URL. | a valid string | - |

Required Claims


| Option | Description | Possible Values | Default |
|---|---|---|---|
| Claim | Specify a list of required claims. If a required claim is not present, access will be rejected. | a string | - |
| Value | Determines the content of the claim. | a string | - |


Forward Claim Information

Fields from the JWT can be set as headers and forwarded to the API.


| Option | Description | Possible Values | Default |
|---|---|---|---|
| Field | Specify a list of fields from the JWT to be forwarded to the API as a header. | a string | - |
| Header | Holds the value of the Field. | a string | - |


Advanced Configuration

| Option | Description | Possible Values | Default |
|---|---|---|---|
| Require Signed JWT (JWS) | Specify whether JWTs must be cryptographically signed and verified (JWS). | enabled, disabled | enabled |
| Strip Tokens | Enable if the Authorization header or token query parameter should be removed before forwarding traffic to the API. | enabled, disabled | disabled |
| Maximum Clock Skew | Specify the maximum allowed clock skew in seconds when validating exp (expiry) and nbf (not before) claims. 0 implies default behavior. | a valid integer | 0 |
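
The following Python sketch is an added example, not code from the product: it models how the options on this page combine for a single request. HS256 signing, the Bearer scheme, the header name X-JWT-Sub, exact-match claim values, treating a skew of 0 as no tolerance, and dropping client-supplied copies of forwarded headers are assumptions of the sketch.

```python
import base64, hashlib, hmac, json, time

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims, key, alg="HS256"):
    """Build a constructed sample token: HS256-signed, or unsigned for alg 'none'."""
    head = b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest() if alg == "HS256" else b""
    return f"{head}.{body}.{b64url_encode(sig)}"

def apply_policy(headers, key_b64, required, forward, skew=0, strip=False, now=None):
    """Return (allowed, headers_for_backend); any malformed input fails closed."""
    now = time.time() if now is None else now
    try:
        token = headers["Authorization"].split("Bearer ", 1)[1]  # assumption: Bearer scheme
        head, body, sig = token.split(".")
        # Require Signed JWT (JWS) enabled: verify first, never accept alg "none"
        alg = json.loads(b64url_decode(head))["alg"]
        expected = hmac.new(base64.b64decode(key_b64), f"{head}.{body}".encode(), hashlib.sha256).digest()
        if alg != "HS256" or not hmac.compare_digest(expected, b64url_decode(sig)):
            return False, {}
        claims = json.loads(b64url_decode(body))
        # Maximum Clock Skew widens the exp / nbf window (assumption: 0 means no tolerance)
        if now > claims.get("exp", now) + skew or now < claims.get("nbf", now) - skew:
            return False, {}
        # Required Claims: present and (assumption) equal to the configured Value
        if any(c not in claims or str(claims[c]) != v for c, v in required.items()):
            return False, {}
    except (KeyError, IndexError, ValueError, TypeError, AttributeError):
        return False, {}
    # Assumption: drop client-supplied copies of forwarded header names before setting them
    names = {h.lower() for h in forward.values()}
    out = {k: v for k, v in headers.items() if k.lower() not in names}
    if strip:  # Strip Tokens: backend never sees the bearer token
        out.pop("Authorization", None)
    for field, header in forward.items():  # Forward Claim Information
        if field in claims:
            out[header] = str(claims[field])
    return True, out

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample values, not from the page
    tok = make_token({"sub": "alice", "role": "admin", "exp": 1700000000}, key)
    print(apply_policy({"Authorization": "Bearer " + tok}, base64.b64encode(key).decode(),
                       {"role": "admin"}, {"sub": "X-JWT-Sub"}, skew=60, strip=True, now=1700000030))
```
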