Generate JWT

How can I generate a JWT and sign it with a symmetric key?

You can generate the JWT yourself.
Note that it consists of three parts.
1-** the header** {"alg":"HS512","typ":"JWT"} which is base64 encoded
2- the payload {" test":" a"} which is base64 encoded as well
3- the signing key which is the secret key to sign the JWT
4- the signature which is header + . + Payload signed by the signing key using hmac sha512 as the alg in the header suggests.

The signature follows this signing method

HMACSHA512(base64UrlEncode(header) + "." + base64UrlEncode(payload), your-512-bit-secret)

You can follow these steps in OB2 or use the JWT block

And thus, the final result looks like this


Hi, I’m trying to use the JWT block but can’t figure out what to put in the various sections. Can you explain in detail how to set this block? Thank you.

Where would I find the the signing key? HS256 is the algorithm

you can make very easy whit node.
first install node.js if you not have installed.
second open cmd in folder Scripts if not have make folder
third in cmd wtite this command: npm i jsonwebtoken
and now create a config whit that. this only example.

  input = "?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a?a"
  customCharset = ""
  => VAR @Key

  value = @input.PASS
  => VAR @Pass

  value = @input.USER
  => VAR @User

INPUT Key,User,Pass
var jwt = require('jsonwebtoken');
var token = jwt.sign({ Username: User, Password: Pass}, Key);

OUTPUT String @token

There is a JWT block you can use too, without using Node JS

how would i be able to get the secret for the jwt token block?

If it’s HS256 then it’s symmetric, which usually (in websites) means only the server has the key to sign in. You cannot forge that.

ah ok was HS256 pretty sure what if it isnt, you have an example of what it would look like?

what about RS512 how would i go about that?

or can you show example of using the jwt block

Read up on how JWT works first
The block is pretty straightforward, you put a (json) payload with the claims, the algo, and the key to sign it.

RS512 need password to encrypt privatekey.any info how provided that password in jwt block.

Yes i know payload & key its more of the “extra headers” part in the block or is it supposed to be blank or how would you go about that?