JWT

There's no dedicated JWT connection type because the JWT itself is only a "special format" of the Authorization header. Everything works the same way as described in Basic Connection chapter.

Generating a JWT

To generate the token, you can use the following example.

{
  "url": "https://mock.api/connect",
  "temp": {
    "jwt": {
      "iss": "https://iam.the.issu.er",
      "iat": "{{timestamp}}",
      "exp": "{{timestamp + 30000}}",
      "scope": ["rest_webservices"],
      "aud": "https://iam.the.audien.ce/services/rest/auth/oauth2/v1/token"
      },
    "options": {
      "header": {
        "kid": "{{parameters.clientId}}"
	}
      }
    },
    "headers": {
      "authorization": "Bearer {{jwt(temp.jwt, parameters.clientSecret, 'HS512', temp.options)}}"
    }
}

As you can see in the example, first, we build a JWT payload inside the temp variable called jwt, but you can use any other name for that variable.

Then, inside the Authorization header, we call the IML function named jwt. The jwt function accepts four parameters:

1. The payload to be signed.

2. The secret to signing the payload.

3. The algorithm. The supported algorithms are HS256, HS384, HS512, and RS256. The default value is HS256. This parameter is optional.

4. A custom header to customize the JWT authorization header. This parameter is optional.

This function will output a JWT token which you can use in the Authorization header.