jwtConsumer - JWT Consumer (jwtConsumer)

The JWT consumer information to validate the JWT token.

NameTypeDefaultDescription
idstringA unique configuration ID.
issuerstringAn Issuer is a case-sensitive URL using the HTTP or HTTPS scheme that contains scheme, host, and optionally port number and path components.
sharedKeyReversably encoded password (string)Specifies the string that will be used to generate the shared keys. The value can be stored in clear text or in the more secure encoded form. Use the securityUtility tool with the encode option to encode the shared key.
signatureAlgorithm
  • HS256
  • RS256
RS256Specifies the signature algorithm that will be used to sign the JWT token.
HS256
Use the HS256 signature algorithm to sign and verify tokens.
RS256
Use the RS256 signature algorithm to sign and verify tokens.
trustStoreRefA reference to top level keyStore element (string).A keystore containing the public key necessary for verifying a signature of the JWT token.
trustedAliasstringA trusted key alias for using the public key to verify the signature of the token
clockSkewA period of time with millisecond precision5mThis is used to specify the allowed clock skew in minutes when validating the JSON web token. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. You can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
jwkEnabledbooleanfalseIndicates whether to use JWK to sign the token.
jwkEndpointUrlstringSpecifies a JWK end point URL.
sslRefA reference to top level ssl element (string).Specifies an ID of the SSL configuration that is used to connect to the OpenID Connect provider.

audiences

The trusted audience list to be included in the aud claim in the JSON web token.