JWT Validate - Advanced Use Case

This Snap can be used at the start of a pipeline to limit access. By configuring the "audience" parameter, the pipeline will only allow calls with access token that contains that "audience" parameter.

Following on from the Advanced Use Case in JWT Generate documentation, let us assume that we want to allow calls associated with "sales" department only. Further, let us assume that we only want to allow calls when "age" is greater than 21.



Note:

You'll need to create a Configuring JWT Accounts to use for this sample. Use the attached jwt-keystore.jks file to create one.

(The keystore was created using keytool for demo purposes. It contains one symmetric key with alias: jwt password: jwtpasswd)

jwt-keystore.jks

  1. The JWT Validate Snap is configured as shown in the "Typical Snap Configuration" section above.
  2. If a token was generated for a different audience (for e.g. "Engineering"), then the Snap validation fails.


  3. With a valid token, the Validation succeeds and the contents of the decoded JWT are written to the output document.


  4. The next step after JWT Validate can perform further filtering or validation. In this example, we configure a Filter snap to only pass calls with an "age" value of greater than 21.


To successfully reuse pipelines:
  1. Download and import the pipeline into SnapLogic.
  2. Configure Snap accounts as applicable.
  3. Provide pipeline parameters as applicable.