verify_​json_​web_​token

Version: v2025-01-13Includes use: Yes

Behavior name: JWT verification

This behavior allows you to use JSON Web Tokens (JWT) to verify requests.

Default behavior

These samples reflect the behavior's default settings. You can use these as is in your configurations or make adjustments based on the behavior's available options.

data "akamai_property_rules_builder" "verify_json_web_token" {
  rules_v2025_02_18 {
    name     = "JWT verification"
    comments = "Uses JSON Web Tokens (JWT) to verify requests."
    behavior {
      verify_json_web_token {
        extract_location = "CLIENT_REQUEST_HEADER"
        header_name      = ""
        jwt              = ""
        enable_rs256     = true
        enable_rs256     = true
      }
    }
  }
}
"behaviors": [
  {
    "name": "verifyJsonWebToken",
    "options": {
      "extractLocation": "CLIENT_REQUEST_HEADER",
      "headername": "",
      "jwt": "",
      "enableRS256": true,
      "enableES256": true
    }
  }
]

Options

Option Description
extract_location
Specify from where to extract the JWT value. Value is one of:
  • CLIENT_REQUEST_HEADER. The value is in a client request header.
  • QUERY_STRING. The value is in the request's query string.
header_name
This specifies the name of the header from which to extract the JWT value.
query_parameter_name
This specifies the name of the query parameter from which to extract the JWT value.
jwt
An identifier for the JWT keys collection.
enable_rs256
Verifies JWTs signed with the RS256 algorithm. This signature helps ensure that the token hasn't been tampered with.
enable_es256
Verifies JWTs signed with the ES256 algorithm. This signature helps ensure that the token hasn't been tampered with.