Generate Json Web Signature

Contents

Configuration
Example
- Request
- Response

Generate Json Web Signature policy generates a Json Web Signature with headers specified here and the payload sent along with the request.

Configuration

The properties that have to be configured to use the policy are described below.

Figure 1: Generate Json Web Signature configuration attributes

Property	Description
Secret Key	Provide when a symmetric algorithm like HS256 is specified. The minimum length of the string has to be 256, 384, 512 bits for HS256, HS384, HS512 respectively.
Headers	The Header table must have at least one Header bearing the name "alg". Click the Add button to add Header details. Generating JWS Symmetric algorithm While using Symmetric Algorithms like HS256, use "alg" Identifier value as "HS256". HS256 Asymmetric algorithm While using Asymmetric algorithms like ES256 or RS256, providing two headers — "alg" and "kid" is mandatory. Icon Please refer to the Key ID description in the Json Web Token policy section to know how to set the "kid" Header value and to input the Private JSON Web keys. RS256 ES256
Json Web Keys	Provide when an asymmetric algorithm like RS256 or ES256 is specified. Icon Please refer to the Json web keys property description in the Json Web Token policy to know how to input the Private JSON Web keys.
Load Keys From URL	If Json Web Keys are exposed in a specific URL, then enable this property.
Keys URL	Specify the URL in which Json Web Keys are exposed. Icon If it's a secured URL (Eg: https://www.googleapis.com/oauth2/v3/certs), the certificate of the corresponding server has to be added to the Truststore located at installer\esb\server\profiles\certs\jssecacerts. Password of this Truststore is "passphrase". Sample Keytool command for importing certificate into truststore with an optional entry name(alias) as is given below. With this command, "samplecert1.cer" certificate can be added to the truststore "jssecacerts" with an entry name "samplealias".