JWT Credential

JSON Web Tokens (JWT - pronounced “jot”) are used by many services to represent and exchange information in a secure manner. When creating a JWT token, you need to supply the following information:

  • Credential name: This will be used in the credential widget
  • Algorithm: The algorithm to be used when computing the JWT
  • Payload: The payload to be included in the JWT. Payloads typically contain a set of Claims.
  • Auto generate ‘iat’ & ‘exp’ claims: When using JWTs, two common claims are iat (Issued At) and exp. When this checkbox is selected, Tines will insert an iat claim corresponding to the time the agent runs, and an exp claim corresponding to the current time + 1 hour, into the JWT payload.
  • Private key: The private key to be used to sign the JWT.

When an agent containing a credential widget corresponding to a JWT-type user credential runs, Tines will build a JWT and insert it into the options block in place of the credential widget. For example, given the following credential widget {% credential my_jwt_user_credential %} and a corresponding user credential, at runtime, Tines will replace the widget with a string similar to the following:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzY290Y2guaW8iLCJleHAiOjEzMDA4MTkzODAsIm5hbWUiOiJDaHJpcyBTZXZpbGxlamEiLCJhZG1pbiI6dHJ1ZX0.03f329983b86f7d9a9f5fef85305880101d5e302afafa20154d094b229f75773