verifyJsonWebToken

  • Property Manager name: JWT verification
  • Behavior version: The v2024-08-13 rule format supports the verifyJsonWebToken behavior v1.1.
  • Rule format status: GA, stable
  • Access: Read/Write
  • Allowed in includes: Yes

This behavior allows you to use JSON Web Tokens (JWT) to verify requests.

OptionTypeDescriptionRequires
extract​Locationenum

Specify from where to extract the JWT value.

{"displayType":"enum","options":["CLIENT_REQUEST_HEADER","QUERY_STRING"],"tag":"select"}
CLIENT_​REQUEST_​HEADER

The value is in a client request header.

QUERY_​STRING

The value is in the request's query string.

header​Namestring

This specifies the name of the header from which to extract the JWT value.

extract​Location is CLIENT_​REQUEST_​HEADER
{"displayType":"string","tag":"input","type":"text"}
{"if":{"attribute":"extractLocation","op":"eq","value":"CLIENT_REQUEST_HEADER"}}
query​Parameter​Namestring

This specifies the name of the query parameter from which to extract the JWT value.

extract​Location is QUERY_​STRING
{"displayType":"string","tag":"input","type":"text"}
{"if":{"attribute":"extractLocation","op":"eq","value":"QUERY_STRING"}}
jwtstring

An identifier for the JWT keys collection.

{"displayType":"string","tag":"input","type":"text"}
enable​RS256boolean

Verifies JWTs signed with the RS256 algorithm. This signature helps ensure that the token hasn't been tampered with.

{"displayType":"boolean","tag":"input","type":"checkbox"}
enable​ES256boolean

Verifies JWTs signed with the ES256 algorithm. This signature helps ensure that the token hasn't been tampered with.

{"displayType":"boolean","tag":"input","type":"checkbox"}