Hi Vikas,

All communication with the outside world for Mobile goes via the server, so you should look into any JWT component.

Hi Vikas,

There is one here https://www.outsystems.com/forge/component-overview/1853/jwt

Hope it helps!

Junaid

In my mobile app, the objective is that I would get a JWT token from API service which I need to decode first. Then use some parameters along with the newly retrieved parameters after decoding the JWT token and encode them to create a new JWT token to send it to the API service. 

I found 1 JWT component on forge but it is for the traditional web. So can I use that component in my mobile app?

If no, than what another way can I achieve my objective?

Hi Vikas,

1) JWTs are immutable. They are signed by the issuer, so you cannot tamper with them. The whole point of JWTs is that you have a token that cannot be altered, but does contain information to identify the bearer, to the server receiving it. Never ever you should need to interpret the content of a JWT at the client. And it's impossible by design to "add some parameters" to it.

2) All API calls made in OutSystems by a Mobile App go through the server. Unless you perform a REST call in JavaScript, there shouldn't be a need for JWT handling in the mobile app itself.

It is, in general, not advisable to use JWTs for information interchange. You have a mobile app, so there's no way for the API service to trust your self-signed JWT. What kind of API needs this?

Hello All,

Actually with the current components available on Forge I was unable to solve the my issue so I ended up creating a Extension using the Integration Studio which solved the problem.

Thanks All