Processing a JSON Web Token
For security reasons, each JSON Web Token should be validated.
- In the navigation panel, click .
- Click Create.
- In the Token Type field, select JSON Web Token.
- In the Purpose field, select Processing, to process the token validation.
- Enter a token name and short description.
- Click Create and open.
-
On the Processing tab, in the Claims
validation section, click the Add icon to configure
validations that are applied to register claims.
- In the Name field, enter the name of the claim.
- In the Map from field, select if the claim is mapped from a Constant or Clipboard.
- In the Compare with field, enter the constant or clipboard property that the claim should be compared with.
- Optional:
In the Claims mapping section, click the
Add icon to configure mapping for custom claims to clipboard
properties.
- In the Claim name field, enter the custom claim name.
- In the Property field, enter the property name that the custom claim is mapped to.
- Optional: In the Security section, select Accept unsigned tokens to accept a token that is not protected by signature algorithms.
- If the profile requires signed tokens, in the Truststore field, enter the keystore that is used for the JWT signature validation.
- Optional: In the Token lifetime section, in the Allowed time to account for clock skew (in seconds) field, enter the time difference between two different servers that are out of sync.
- In the Advanced mapping section, in the Header as JSON string field, enter the clipboard property that the decoded header is assigned to and that can be used for any user-defined JWT processing logic.
- In the Payload as JSON string field, enter the clipboard property the decoded payload is assigned to and can be used for any user-defined JWT processing logic.
- Click Save.