Contents

Popular
Contents

Generate Json Web Signature policy generates a Json Web Signature with headers specified here and the payload sent along with the request.

Configuration

The properties that have to be configured to use the policy are described below.


Figure 1: Generate Json Web Signature configuration attributes

Property
Description

Secret Key

Provide when a symmetric algorithm like HS256 is specified. The minimum length of the string has to be 256, 384, 512 bits for HS256, HS384, HS512 respectively. 

Headers

The Header table must have at least one Header bearing the name "alg". Click the Add button to add Header details.

Generating JWS
Symmetric algorithm

While using Symmetric Algorithms like HS256, use "alg" Identifier value as "HS256".

HS256

Asymmetric algorithm

While using Asymmetric algorithms like ES256 or RS256, providing two headers — "alg" and "kid" is mandatory.

Icon

Please refer to the Key ID description in the Json Web Token policy section to know how to set the "kid" Header value and to input the Private JSON Web keys.

RS256

 

ES256

 

Json Web Keys

Provide when an asymmetric algorithm like RS256 or ES256 is specified.

Icon

Load Keys From URL

If Json Web Keys are exposed in a specific URL, then enable this property.

Keys URL

Specify the URL in which Json Web Keys are exposed.

Icon

If it's a secured URL (Eg: https://www.googleapis.com/oauth2/v3/certs), the certificate of the corresponding server has to be added to the Truststore located at installer\esb\server\profiles\certs\jssecacerts. Password of this Truststore is "passphrase".

Sample Keytool command for importing certificate into truststore with an optional entry name(alias) as is given below.

With this command, "samplecert1.cer" certificate can be added to the truststore "jssecacerts" with an entry name "samplealias".

Example

Request

Response

Generates JWS and sets it in the context variable named "jws.signature".

Adaptavist ThemeBuilder EngineAtlassian Confluence