Comment on page
Digibee JWT (Generate and Decode)
Learn how to use Digibee JWT to generate and decode JWT tokens.
Digibee JWT (Generate and Decode) generates and decodes JWT tokens for internal use in the Digibee Integration Platform.
In other words, the token generated by this component serves the communication that occurs between pipelines configured with REST Trigger or HTTP Trigger and its derivatives - once the JWT-type authentications are configured.
Take a look at the configuration options for the component. Parameters supported by Double Braces expressions are marked with
(DB).Parameter | Description | Default value | Data type |
|---|---|---|---|
Operation | Operation that determines whether to generate or decode a JWT token. | Generate | String |
Scopes | Scopes for the JWT token separated by comma (e.g., SCOPE1, SCOPE2, ...). | N/A | String |
Expiration | Expiration time for the JWT token in milliseconds. Maximum is 365 days (31,536,000,000 milliseconds). | N/A | Integer |
Fail On Error | If enabled, interrupts the pipeline execution on error; otherwise, result shows "success" as false. | False | Boolean |
Input
The component can receive any object in the input and will repass the complete body for the token generation. You can provide the Scopes and/or Expiration dynamically via Double Braces along with any additional parameter in the input message.
Output
{
"status": "logged"
}
The Authorization property will be placed with the token in the response header generated by the specifications above.
Example
Authorization: Bearer eyW4T.....
For this operation, the component doesn't expect any input message structure, but only a JWT token in the request header during the execution.
Input
{
"scopes": "SCOPE1,SCOPE2,...,...",
"expiration": 1602790847,
"randomProperty": "someValue",...
}
Header
Authorization: Bearer eyW4T.....
Output
{
"body": {
"dataToken": {
"consumer_name": "digibee",
"realm": "digibee",
"parameter1": "parameter_value",
"parameter2": "parameter_value",...
}
}
}
Error
{
error: "error message",
code: XXX,
body: {},
headers: {}
}
Important: for some errors, body and headers are unavailable.
This component needs the pipeline implementation to work properly. Refer to article Digibee JWT (Generate and Decode) implementation to know more about its use and application.
To better understand how the JWT token is generated from this component, check the following example.
For all JWT it's necessary to inform the headers, because they have all the information of the algorithm to be used in the token cryptography. Therefore, the standard headers of the generated token are:
{
"alg": "HS256",
"typ": "JWT"
}
The JWT token is composed by a payload, which includes all the information that travels in the token. It is informed in the component input:
{
"scopes": [],
"consumer_name":"digibee",
"realm": "REALM",
"someRandomProperty": "someRandomValue",….
}
UUID is randomly generated alongside with the token creation, which must be signed. See how to identify the UUID:
HMACSHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
RANDOM_UUID
By the end of the execution, the token will be generated inside the Authorization header:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.jY3Sv72B0BlRCrxLauMXHJi5zLY3v2BmknciOEh3q2c
The order in which Digibee JWT (Generate and Decode) is placed in the pipeline also affects the operation and determines what data will be inserted into the JWT token. This happens because the component adds any content from the previous step into the generated JWT token (including the data received at the pipeline input).
It is important to consider this behavior. Therefore, Digibee JWT (Generate and Decode) must not be put as the first component in a pipeline. Components such as JSON Transformer, Transformer (JOLT), or JSON Generator must be used before JWT to determine appropriate data input.
The following example indicates a recommendable data input on JWT:
Last modified 1mo ago