verifyJsonWebToken

  • Property Manager name: JWT verification
  • Behavior version: The v2023-01-05 rule format supports the verifyJsonWebToken behavior v1.1.
  • Rule format status: GA, stable
  • Access: Read-write
  • Allowed in includes: Yes

This behavior allows you to use JSON Web Tokens (JWT) to verify requests.

OptionTypeDescriptionRequires
extract‚ÄčLocationenum

Specify from where to extract the JWT value.

{"displayType":"enum","options":["CLIENT_REQUEST_HEADER","QUERY_STRING"],"tag":"select"}
CLIENT_‚ÄčREQUEST_‚ÄčHEADER

The value is in a client request header.

QUERY_‚ÄčSTRING

The value is in the request's query string.

header‚ÄčNamestring

This specifies the name of the header from which to extract the JWT value.

extract‚ÄčLocation is CLIENT_‚ÄčREQUEST_‚ÄčHEADER
{"displayType":"string","tag":"input","type":"text"}
{"if":{"attribute":"extractLocation","op":"eq","value":"CLIENT_REQUEST_HEADER"}}
query‚ÄčParameter‚ÄčNamestring

This specifies the name of the query parameter from which to extract the JWT value.

extract‚ÄčLocation is QUERY_‚ÄčSTRING
{"displayType":"string","tag":"input","type":"text"}
{"if":{"attribute":"extractLocation","op":"eq","value":"QUERY_STRING"}}
jwtstring

An identifier for the JWT keys collection.

{"displayType":"string","tag":"input","type":"text"}
enable‚ÄčRS256boolean

Verifies JWTs signed with the RS256 algorithm. This signature helps ensure that the token hasn't been tampered with.

{"displayType":"boolean","tag":"input","type":"checkbox"}
enable‚ÄčES256boolean

Verifies JWTs signed with the ES256 algorithm. This signature helps ensure that the token hasn't been tampered with.

{"displayType":"boolean","tag":"input","type":"checkbox"}