JWT Validate
Overview
- The token signature (by using the secret or trusted certificate a with public key from the associated JWT Account ) and the algorithm specified in token header.
- If the token is still valid or if it has expired.
- If the "audience" property is specified, the audience in the token payload will be compared with the snap property, and the validation will only succeed if at least one of the values match.
Algorithms currently supported by the Snap:
- AES ALGORITHMS:
JWSAlgorithm.HS256,-
JWSAlgorithm.HS384, -
JWSAlgorithm.HS512,
- RSA ALGORITHMS:
-
JWSAlgorithm.RS256, -
JWSAlgorithm.RS384, -
JWSAlgorithm.RS512, -
JWSAlgorithm.PS256, -
JWSAlgorithm.PS384, -
JWSAlgorithm.PS512;
-
Flow-type Snap
Works in Ultra Tasks
Known issues
The RSA private key size might not match the RSA suggested algorithm tailing number. This Snap has been tested with tokens generated using the JWT Validate Snap. Validating tokens generated using other methods has not been tested.
Snap views
| View | Description | Examples of upstream and downstream Snaps |
|---|---|---|
| Input |
This Snap has at most one document input view. This Snap can have an upstream Snap that passes in the access token. Alternatively, this Snap could be the first Snap in a pipeline and receive the token in an HTTP Header or HTTP Request body. |
|
| Output |
This Snap has exactly one document output view. This Snap outputs a document that contains all the claims found in the token. The downstream Snap could take this information and do additional validation or filtering. Warning: Since triggered and scheduled tasks do not support custom HTTP
headers, the token should be passed in the request body for those types of tasks.
|
|
| Error |
Error handling is a generic way to handle errors without losing data or failing the Snap execution. You can handle the errors that the Snap might encounter when running the pipeline by choosing one of the following options from the When errors occur list under the Views tab. The available options are:
Learn more about Error handling in Pipelines. |
|
Snap settings
- Expression icon (
): Allows using
pipeline parameters to set field values dynamically (if enabled). SnapLogic Expressions
are not supported. If disabled, you can provide a static value. - SnapGPT (
): Generates SnapLogic Expressions
based on natural language using SnapGPT. Learn
more. - Suggestion icon (
): Populates a
list of values dynamically based on your Snap configuration. You can select only one
attribute at a time using the icon. Type into the field if it supports a comma-separated
list of values. - Upload
: Uploads files. Learn more.
| Field / Field set | Type | Description |
|---|---|---|
| Label | String | Required. Specify a unique name for the Snap. Modify this to be more appropriate, especially if more than one of the same Snaps is in the pipeline. Default value: JWT Generate Example: JWT Generate |
| Audience | Dropdown list/Expression |
The asset that the token should be valid for. It can be a string or list of strings. If a single value is specified, it must match the "audience" value in the JWT token for the validation to succeed. If a list of values is specified, at least one the values specified in this property should match at least one of the values in the token. Default value: pipe.projectPath |
| Access token | String/Expression | Required. The token to validate. Default value: None. |
| Snap execution | Dropdown list |
Choose one of the three modes in
which the Snap executes. Available options are:
Default value: Execute only Example: Validate & Execute |