Processing a JSON Web Token

For security reasons, each JSON Web Token should be validated.

1. In the Explorer panel, click Records > Security > Token Profile.
2. Click Create.
3. In the Token Type field, select JSON Web Token.
4. In the Purpose field, select Processing, to process the token validation.
5. Enter a token name and short description.
6. Click Create and open.
7. On the Processing tab, in the Claims validation section, click the Add icon to configure validations that are applied to register claims.
8. In the Name field, enter the name of the claim.
9. In the Map from field, select if the claim is mapped from a Constant or Clipboard.
10. In the Compare with field, enter the constant or clipboard property that the claim should be compared with.
11. Optional: In the Claims mapping section, click the Add icon to configure mapping for custom claims to clipboard properties.
12. In the Claim name field, enter the custom claim name.
13. In the Property field, enter the property name that the custom claim is mapped to.
14. Optional: In the Security section, select Accept unsigned tokens to accept a token that is not protected by signature algorithms.
15. In the Truststore field, enter the keystore that is used for the JWT signature validation.
16. Optional: In the Token lifetime section, in the Allowed time to account for clock skew (in seconds) field, enter the time difference between two different servers that are out of sync.
17. In the Advanced mapping section, in the Header as JSON string field, enter the clipboard property that the decoded header is assigned to and that can be used for any user-defined JWT processing logic.
18. In the Payload as JSON string field, enter the clipboard property the decoded payload is assigned to and can be used for any user-defined JWT processing logic.
19. Click Save.