JWT functions in Jitterbit Design Studio¶
Introduction¶
JSON Web Token (JWT) functions allow for the creation, verification, and decoding of JWTs. For more information on the JWT specification, refer to IETF RFC 7519: JSON Web Token (JWT).
Important
While JWT functions do not appear in the Design Studio UI, the functions can still be used directly in scripts. JWT functions require Design Studio version 11.26 or later and agent version 11.26 or later.
CreateJwtToken
¶
Declaration¶
string CreateJwtToken(string header, string payload[, string private_key, string public_key])
Syntax¶
CreateJwtToken(<header>, <payload>[, <private_key>, <public_key>])
Required parameters¶
header
: A JSON string containing any expected header values for thealg
,typ
,cty
, andkid
keys. Thes key-value pairs are case insensitive. All other key-value pairs will be ignored. Supported algorithms includeHS256
,HS384
,HS512
,PS256
,PS384
,PS512
,RS256
,RS384
,RS512
,ES256
,ES256K
,ES384
,ES512
,EdDSA
, andNone
. If a value foralg
is unrecognized, it will be set toNone
. If a value fortyp
is unrecognized, it will be set toJWT
.payload
: A JSON string containing any expected payload values representing JWT claims. All key-value pairs will be treated as a valid claim. If claims likeaud
support multiple values, they can be defined as a comma-delimited string, for exampleaudience1, audience2, audience3
. Supported registered claims includeiss
,sub
,aud
,exp
,nbf
,iat
, andjti
. Forexp
,nbf
, andiat
to be treated as registered claims, they must be set using integer value (1234567890
, not"1234567890"
).
Optional parameters¶
private_key
: A string private key for the algorithm specified in theheader
. If theNone
algorithm is used, this field is ignored.public_key
: A string public key for the algorithm specified in theheader
. If theNone
,HS256
,HS384
, orHS512
algorithms are used, this field is ignored.
Description¶
Creates a JWT using the supplied information. On success, a string representing the newly created token is returned; otherwise, any error messages are returned.
Only the first two parameters are required for all cases. The remaining parameters are situational and may be required based on the chosen JWT algorithm.
Important
This function requires Design Studio version 11.26 or later and agent version 11.26 or later.
Examples¶
// Define the JWT header:
$header = '{"alg": "None", "typ": "JWT"}';
// Define the JWT payload:
$payload = '{"iat": 1234567890, "name": "Example", "test": "Test"}';
CreateJwtToken($header, $payload, "", "");
// Define the JWT header:
$header = '{"alg": "RS256", "typ": "JWT"}';
// Define the JWT payload:
$payload = '{"iat": 1234567890, "name": "Example", "test": "Test"}';
$privateKey = "-----BEGIN RSA PRIVATE KEY-----...";
$publicKey = "-----BEGIN PUBLIC KEY-----...";
CreateJwtToken($header, $payload, $privateKey, $publicKey);
VerifyJwt
¶
Declaration¶
bool VerifyJwt(string token)
Syntax¶
VerifyJwt(<token>)
Required parameters¶
token
: A string representing the JWT.
Description¶
Checks if the supplied token is a valid JWT token and returns a boolean (true
or false
) based on the result. This function verifies the token's formatting only, see VerifyJwtClaims
for a more comprehensive claims verification.
Important
This function requires Design Studio version 11.26 or later and agent version 11.26 or later.
Examples¶
// Check if a token is in JWT format:
VerifyJwt("AxE9qm4aTZiXvA2G8sblAxjeL...");
VerifyJwtClaims
¶
Declaration¶
bool VerifyJwtClaims(string token, string algorithm, string key[, string claims])
Syntax¶
VerifyJwtClaims(<token>, <algorithm>, <key>[, <claims>])
Required parameters¶
token
: A string representing the JWT.algorithm
: The algorithm used for claims verification.key
: The secret key used for claims verification.
Optional parameters¶
claims
: A JSON string containing the claims to be verified.
Description¶
Verifies if the supplied token's claims are valid (not modified) given the supplied algorithm and secret key and returns a boolean (true
or false
) based on the result. If the token itself is not valid, false
is returned without checking the claims. If no claims are supplied, this function instead acts like the VerifyJwt
function, ignoring the algorithm and secret key.
Caution
Claim values supplied for verification must match the original data types used. For example, "iat": "1234567890"
is not equal to "iat": 1234567890
.
If using agent version 11.26, VerifyJwtClaims
will generate errors if claims
is left empty. As a workaround, enter "{}"
for claims
.
Important
This function requires Design Studio version 11.26 or later and agent version 11.26 or later.
Examples¶
// Verify JWT claims:
VerifyJwtClaims("AxE9qm4aTZiXvA2G8sblAxjeL...", "RS256", "Secret", '{"iat": 1234567890, "name": "Example", "test": "Test"}');
// Empty claims workaround:
VerifyJwtClaims("AxE9qm4aTZiXvA2G8sblAxjeL...", "RS256", "Secret", "{}");
DecodeJwtToken
¶
Declaration¶
string DecodeJwtToken(string token)
Syntax¶
DecodeJwtToken(<token>)
Required parameters¶
token
: A string representing the JWT.
Description¶
Decodes the supplied token to retrieve its claims. On success, a string containing the decoded claims is returned. If the token is not valid, an empty string is returned. Otherwise, any error messages are returned.
Important
This function requires Design Studio version 11.26 or later and agent version 11.26 or later.
Examples¶
// Decode a JWT token:
DecodeJwtToken("AxE9qm4aTZiXvA2G8sblAxjeL...");
GetJwtHeader
¶
Declaration¶
string GetJwtHeader(string token)
Syntax¶
GetJwtHeader(<token>)
Required parameters¶
token
: A string representing the JWT.
Description¶
Retrieves the header from the JWT. On success, a string containing the header is returned. If the token is not valid, an empty string is returned.
Important
This function requires Design Studio version 11.26 or later and agent version 11.26 or later.
Examples¶
// Retrieve a JWT header:
GetJwtHeader("AxE9qm4aTZiXvA2G8sblAxjeL...");
GetJwtPayload
¶
Declaration¶
string GetJwtPayload(string token)
Syntax¶
GetJwtPayload(<token>)
Required parameters¶
token
: A string representing the JWT.
Description¶
Retrieves the payload from the JWT. On success, a string containing the payload is returned. If the token is not valid, an empty string is returned.
Important
This function requires Design Studio version 11.26 or later and agent version 11.26 or later.
Examples¶
// Retrieve a JWT payload:
GetJwtPayload("AxE9qm4aTZiXvA2G8sblAxjeL...");
GetJwtSignature
¶
Declaration¶
string GetJwtSignature(string token)
Syntax¶
GetJwtSignature(<token>)
Required parameters¶
token
: A string representing the JWT.
Description¶
Retrieves the signature from the JWT. On success, a string containing the signature is returned. If the token is not valid, an empty string is returned.
Important
This function requires Design Studio version 11.26 or later and agent version 11.26 or later.
Examples¶
// Retrieve a JWT signature:
GetJwtSignature("AxE9qm4aTZiXvA2G8sblAxjeL...");