Pipes
2024.80 Pipes
2024.80 Pipes
  • Introduction
  • Configuration
  • Valves
    • API
      • HTTP Response Format Valve
    • BankID
      • BidOperation
      • BidToItems
    • Cef event
    • Codecs
      • Base64 Encode
      • Base64 Decode
    • DateTime
      • Instant Generator
      • Instant Transformer
    • Debug
      • Dump Request
      • Dump Session
      • Dump State
      • Wait
    • Delivery
      • Clean Mobile Valve
      • SMS Valve
      • Voice Valve
      • SMTP Valve
    • EntraID
      • Users
        • Create User
        • Update User
        • Delete User
        • Get User
        • List Users
        • List Groups for a user
        • List Direct Reports
        • List Owned Objects
        • Reset Password
      • Groups
        • Create Group
        • Update Group
        • Delete Group
        • List Groups
      • Directory
        • Restore Deleted Item
    • Flow
      • Flow Fail
      • Flow State Add
      • Assert Value
      • Pipe Exec
      • Pipe Call
    • Freja
    • HTTP
      • GET
      • PUT
      • POST
      • DELETE
    • Item
      • Item Create
      • Item Merge
      • Item Remove
      • Items Remove
      • Item Property Add
      • Item Property Split
      • Item Property Rename
      • Item Property Token Replace
      • MV Property To Items
      • JSON To Items
      • MV Property Join
    • JDBC Query
    • JSON
      • JsonObjectCreate
    • JWT
      • CreateJwt
      • ParseJwt
    • LDAP
      • LDAP Search
      • LDAP Group Filter
      • LDAP Bind
      • LDAP Add
      • LDAP Delete
      • LDAP Modify
      • LDAP Move
      • DN Parse
    • Misc
      • Basic Auth
    • OTP
      • OTP Generation
      • OTP Validation
    • PKI
      • X509 Certificate Extractor
      • X509 Certificate Validator
      • Passcode Generator
    • Request
      • RequestParameterExist
      • RequestParameterRename
    • ScriptEval
    • MobilSITHS
    • Session
      • Session Put
      • Session Create
      • CopyFromSession
    • Tokens
      • Token Authentication
Powered by GitBook
On this page
  1. Valves
  2. JWT

ParseJwt

Parses a JSON Web Token, JWT and verifies the signature. Claims is put on the current item.

Configuration

Valve name: ParseJwt

Name
Description
Default value
Mandatory
Expanded

jwt_src

Source of the JWT.

"{{request.access_token}}"

verify_token

If the signature should be verified.

true

internal_http_destination

HTTP module reference. Mandatory if jwks_endpoint is used to fetch public key.

N/A

jwks_endpoint

JWKS endpoint.

N/A

keystore

Keystore reference or json object containing keystore configuration. Used to verify JWT signature.

N/A

keystore_alias

Keystore alias.

N/A

sign_algorithm

Algorithm used when signature was created.

"RS256"

Example with local keystore for signature validation:
{
    "name": "ParseJwt",
    "config": {
        "jwt_src": "{{{session.access_token}}}",
        "keystore": {
             "path": "/fortified_test/config/keystore.p12",
             "password": "secret",
             "type": "PKCS12"
        },
        "keystore_alias" : "jwt"
    }
}

Example with jwks_endpoint to fetch key for signature validation:
{
    "name": "ParseJwt",
    "config": {
        "jwt_src": "{{{session.access_token}}}",
        "internal_http_destination": "http_client_1",
        "jwks_endpoint": "http://192.168.50.228:8080/oidc/tenant1/.well-known/openid-configuration/jwks"
    }
}

PreviousCreateJwtNextLDAP

Last updated 1 year ago