- Property Manager name: JWT verification
- Behavior version: The
v2024-10-21rule format supports theverifyJsonWebTokenbehavior v1.1. - Rule format status: GA, stable
- Access: Read/Write
- Allowed in includes: Yes
This behavior allows you to use JSON Web Tokens (JWT) to verify requests.
| Option | Type | Description | Requires | |
|---|---|---|---|---|
extractLocation | enum | Specify from where to extract the JWT value. | {"displayType":"enum","options":["CLIENT_REQUEST_HEADER","QUERY_STRING"],"tag":"select"} | |
CLIENT_REQUEST_HEADER | The value is in a client request header. | |||
QUERY_STRING | The value is in the request's query string. | |||
headerName | string | This specifies the name of the header from which to extract the JWT value. | extractLocation is CLIENT_REQUEST_HEADER | {"displayType":"string","tag":"input","type":"text"}{"if":{"attribute":"extractLocation","op":"eq","value":"CLIENT_REQUEST_HEADER"}} |
queryParameterName | string | This specifies the name of the query parameter from which to extract the JWT value. | extractLocation is QUERY_STRING | {"displayType":"string","tag":"input","type":"text"}{"if":{"attribute":"extractLocation","op":"eq","value":"QUERY_STRING"}} |
jwt | string | An identifier for the JWT keys collection. | {"displayType":"string","tag":"input","type":"text"} | |
enableRS256 | boolean | Verifies JWTs signed with the RS256 algorithm. This signature helps ensure that the token hasn't been tampered with. | {"displayType":"boolean","tag":"input","type":"checkbox"} | |
enableES256 | boolean | Verifies JWTs signed with the ES256 algorithm. This signature helps ensure that the token hasn't been tampered with. | {"displayType":"boolean","tag":"input","type":"checkbox"} |