Stable Version 4.0.2 (O11)
Also available for 10
Published on 20 July 2020 by 
Created on 06 February 2017
Library for creating, decoding and validating JSON Web Tokens, an open, industry standard RFC 7519 method for representing claims securely between two parties.
Read More

Library to handle JSON Web Tokens used in serve-side OAuth authentication, currently it only allows creating tokens, which are needed to connect to existing REST services that require JWT for authentication.  It supports tokens signed symmetrically (using HS256, HS384, HS512) and also asymmetrically (using RS256, RS384, RS512).

Follow your API's documentation on how to enable and authenticate using JWT, for public REST services an asymmetric key probably is needed and each service may require further claims besides the mandatory ones.

New in 4.0:

  • Better support for PKCS#5 or PKCS#8 keys, some key formats (“BEGIN PRIVATE KEY”) weren’t being supported for signing a token or passphrase was being mandatory.
  • Full support for JSON Web Keys (JWK), now it’s possible to sign and validate tokens with it. This might be an easier option to using key pairs in PEM format, because isn’t as picky and error prone on it’s layout, and many authentication providers (Auth0, Okta, etc.). There is no direct interface to sign or validate using JSON Web Key Sets, but helper actions were added to extract the correct JSON Web Key.
  • The Key Id and Algorithm header fields (kid, alg fields) are now being returned when reading a token.
  • Allows to add extra debug information for encoding and decoding (via site property on the JWT module).
  • Create and read token actions are now also available as service actions.
  • Performance tweaks and small fixes.
  • Redesigned demo app


- Suport for ES256, ES384 and ES512 

What’s new (4.0.2)
  • Remove mandatory passphare from PKCS#5 keys
Reviews (0)
Functional libraries & utilities, Security & authentication
Support Options
This component is not supported by OutSystems. You may use the discussion forums to leave suggestions or obtain best-effort support from the community, including from João Almeida who created this component.
JWT has no dependencies.
Component Consumers
See all 7 consumers
Weekly Downloads 
More from João Almeida