Authenticate using JSON Web Token (JWT)

Authenticate using JSON Web Token (JWT)

SnapLogic Public APIs accept JSON Web Tokens (JWTs) for authentication and provide the following benefits:

  • They avoid the need to pass the username and password in the authorization header.
  • They ensure data integrity and prevent tampering because any modification invalidates the token.
  • Your organization can use your choice of Identity Providers (IdPs), open source libraries, or token generators.

JWT-based authentication is for SnapLogic public APIs. The generated JWT token is passed in the request header Authorization as Bearer token:

Authorization: Bearer <your_jwt_token>

Prerequisites

Before using JWT authentication with SnapLogic public APIs, ensure you have completed the following:

  1. Configure your JWT provider (IdP) to generate signed tokens with the required claims. Refer to JWT configuration.
  2. In Admin Manager, configure the SnapLogic Environment with the issuer ID and JWKS endpoint. Refer to JWT authentication.
  3. Verify that the environment is properly configured for JWT-based authentication.

Authentication options

The JWT tab on the Admin Manager Authentication page includes configuration fields for enabling JWT-based authentication. You can configure public APIs to support both Basic Authentication and JWTs, or restrict access to JWTs only.

Attention: If you check the Disable basic authentication option in the JWT tab, all current public API calls using Authorization: Basic will fail with an HTTP 403 error. This applies across all Orgs/Users.

IdP-specific configuration guides

For detailed instructions on configuring specific Identity Providers to work with SnapLogic JWT authentication, refer to: