GuideReference
TrainingSupportCommunity

verify_​json_​web_​token

  • Property Manager name: JWT verification
  • Behavior version: The v2023-05-30 rule format supports the verify_​json_​web_​token behavior v1.1.
  • Rule format status: GA, stable
  • Access: Read-write
  • Allowed in includes: Yes

This behavior allows you to use JSON Web Tokens (JWT) to verify requests.

OptionTypeDescriptionRequires
extract_​locationenum

Specify from where to extract the JWT value.

{"displayType":"enum","options":["CLIENT_REQUEST_HEADER","QUERY_STRING"],"tag":"select"}
CLIENT_​REQUEST_​HEADER

The value is in a client request header.

QUERY_​STRING

The value is in the request's query string.

header_​namestring

This specifies the name of the header from which to extract the JWT value.

extract_​location is CLIENT_​REQUEST_​HEADER
{"displayType":"string","tag":"input","type":"text"}
{"if":{"attribute":"extractLocation","op":"eq","value":"CLIENT_REQUEST_HEADER"}}
query_​parameter_​namestring

This specifies the name of the query parameter from which to extract the JWT value.

extract_​location is QUERY_​STRING
{"displayType":"string","tag":"input","type":"text"}
{"if":{"attribute":"extractLocation","op":"eq","value":"QUERY_STRING"}}
jwtstring

An identifier for the JWT keys collection.

{"displayType":"string","tag":"input","type":"text"}
enable_​rs256boolean

Verifies JWTs signed with the RS256 algorithm. This signature helps ensure that the token hasn't been tampered with.

{"displayType":"boolean","tag":"input","type":"checkbox"}
enable_​es256boolean

Verifies JWTs signed with the ES256 algorithm. This signature helps ensure that the token hasn't been tampered with.

{"displayType":"boolean","tag":"input","type":"checkbox"}