JSON Web Token (JWT) Support
Applies to: Premium or higher version
- This feature enables the use of a JSON Web Token (JWT) from the server response.
 - A JWT can be received as an Access Token or an ID Token.
 - If no ID Token is received and the Access Token is a JWT, the client fetches data from the JWT and, if a User Info Endpoint is specified, from that endpoint as well.
 
How to Configure JWT?
- To configure JWT, navigate to the “Configure OAuth” tab and click the “Edit Application” link next to the application for which you want to configure JWT Support, as shown below:

 - You will find the Advanced Grant Type Configuration section.
 - Select the Response Type and enable the JWT Support option, then select an appropriate JWT Signing Algorithm. By default, we use HSA.

 
NOTE - Select PKCE only when you are using Authorization Code Grant. You can enter any value in the client secret field.
Configuring RSA for JWT
- When you select RSA as the “JWT Signing Algorithm”, you will be shown an option to add the X509 Certificate to verify the JWT signature:

 - You need to add the RSA Certificate issued by your OpenID Connect Provider.
 - Often, providers do not issue a certificate for each client. Instead, they have an OpenID Connect Discovery URL.
 - On this URL, you will find a jwks_uri, which you can use instead of the certificates.
 - Add this URI in its designated field above the Advanced Grant Type Configuration screen.
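
What the RSA setting with a jwks_uri implies on the client side, as an added example that is not the product's own code: read jwks_uri from the discovery document, pick the key matching the token's kid, and verify the signature while refusing any alg other than the configured one. It assumes RS256 (RSASSA-PKCS1-v1_5 with SHA-256); the provider URL, the kid, the toy key and the fetch and sign helpers are constructed for the demo.

```python
import base64, hashlib, json
# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def b64u_dec(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))
def b64u_enc(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def emsa(msg, k):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(msg) for a k-byte modulus."""
    t = SHA256_PREFIX + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def verify_rs256(token, discovery, fetch):
    """Return the claims if a key from the provider's jwks_uri verifies token, else None."""
    try:
        h64, p64, s64 = token.split(".")
        header = json.loads(b64u_dec(h64))
        if header["alg"] != "RS256":  # pin to the configured algorithm, not the token's choice
            return None
        keys = fetch(discovery["jwks_uri"])["keys"]
        jwk = next(k for k in keys if k["kty"] == "RSA" and k.get("kid") == header.get("kid"))
        n, e = (int.from_bytes(b64u_dec(jwk[x]), "big") for x in ("n", "e"))
        size, sig = (n.bit_length() + 7) // 8, b64u_dec(s64)
        s = int.from_bytes(sig, "big")
        if len(sig) != size or s >= n:
            return None
        # Re-encode the expected block and compare it whole instead of parsing the padding
        if pow(s, e, n).to_bytes(size, "big") != emsa(f"{h64}.{p64}".encode(), size):
            return None
        return json.loads(b64u_dec(p64))
    except (ValueError, KeyError, TypeError, StopIteration):
        return None

# Constructed demo data (offline): toy key from two well-known primes, never use for real tokens
P, Q, E = 2**255 - 19, 2**521 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
SIZE = (N.bit_length() + 7) // 8
DISCOVERY = {"issuer": "https://idp.example", "jwks_uri": "https://idp.example/jwks"}
JWKS = {"keys": [{"kty": "RSA", "kid": "demo-1",
                  "n": b64u_enc(N.to_bytes(SIZE, "big")), "e": "AQAB"}]}
def fetch(url):  # hypothetical stand-in for an HTTPS GET of jwks_uri
    return JWKS if url == DISCOVERY["jwks_uri"] else {"keys": []}

def sign(header, claims):  # demo-only signer so the example has a token to check
    msg = ".".join(b64u_enc(json.dumps(x).encode()) for x in (header, claims))
    s = pow(int.from_bytes(emsa(msg.encode(), SIZE), "big"), D, N)
    return msg + "." + b64u_enc(s.to_bytes(SIZE, "big"))
```

A production client would also check iss, aud and exp in the returned claims and rely on a maintained JOSE library rather than hand-written RSA.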
