Created on 06 February 2017
icon_unfollowing
Login to follow
jwt

JWT

icon_trusted
Stable version 4.0.6 (Compatible with OutSystems 11)
Other versions available for 10
Uploaded on 06 February 2023 by 
4.4
 (14 ratings)
2 reviews
 3810
 110
jwt

JWT

Details
Library for creating, decoding and validating JSON Web Tokens, an open, industry standard RFC 7519 method for representing claims securely between two parties.
Asset screenshot_0Asset screenshot_1Asset screenshot_2
Read more

Library to handle JSON Web Tokens used in server-side OAuth authentication. Currently this component allows generating and decoding tokens, which are needed to connect to existing REST services that require JWT for authentication. It supports tokens signed symmetrically (using HS256, HS384, HS512) and also asymmetrically (using RS256, RS384, RS512).


Note:

Follow your API's documentation on how to enable and authenticate using JWT. For public REST services an asymmetric key probably is needed and each service may require further claims besides the mandatory ones.

------------------------------------------------------------------------------

Currently, this component doesn’t support the following algorithms: ES256, ES384 and ES512 

------------------------------------------------------------------------------

Features list:

Generate a JSON Web Token (JWT)

Generate a token using a plain secret key as signature (symmetric).

Generate a token using a private key  (PEM file) as signature (asymmetric).

Generate a token using a JSON Web Key (JSON object) as signature.

Generate an unsigned token.


Read a JSON Web Token (JWT)

Read a token generated using the plain secret key.

Read a token generated using the public key (of generated PEM file).

Read a token generated using a public key (Json Web Key).


Get a JSON Web Key (JWK, public key) from a JSON Web Key Sets (JWKS)

Helper action to obtain the JWK from a JWKS.

 



On the roadmap

  • Suport for ES256, ES384 and ES512 
  • Custom fields in header
  • Support for binary keys
  • Nested claims
  • multiple audiences
Release notes (4.0.6)


Since 4.0.4:

  • Update libraries
    • BouncyCastle 1.8.9
    • Newtonsoft.json 13.0.2
    • Microsoft.IdentityModel.Logging 5.2.4
    • Microsoft.IdentityModel.Tokens 5.2.4
    • System.IdentityModel.Tokens.Jwt 5.2.4


Since 4.0.5:

  • Unnecessary libraries cleanup, MSTest libraries were added to the JWT_Core project
License (4.0.6)
BSD-3 license (https://opensource.org/licenses/BSD-3-Clause)
Reviews (2)
by 
23 Feb
in version 4.0.6
It sucks , you cannot create the JWT without Passphrase key if you use the Asymmetric RS256 method and google service account is such a example that you can never create a JWT with it
Answer from the owner
23 Feb
in version 4.0.6
Have you tried to post something here in Support? Have you tried report the issue properly? Have you tried to reach out to the team?...
by 
2023-02-16
in version 4.0.6
Its working fine as expected.
Category
Functional libraries & utilities, Security & authentication
Support options
This asset is not supported by OutSystems. You may use the discussion forums to leave suggestions or obtain best-effort support from the community, including from  who created this asset.
Dependencies
JWT has no dependencies.
Application Objects
JWT has 3 AOs.
Team
Compatible with
Version 11
Database:
All
Asset consumers
See all 6 consumers
Weekly downloads 
More from João Almeida