RSA-SHA256 JWT in Javascript

Not applicable

Hi,

Is there any JavaScript code are available to generate JWT in for RSA-SHA256 based on jwt.io.

Actually i am able to create header and claims but unable to create signature for RSA-SHA256.

while i am able to create JWT for SHA256 by Javascript.

Regards,

Solved Solved
2 9 2,800
1 ACCEPTED SOLUTION

Not applicable

Three options here:

  • Use JS pure libraries: jsrassign or jsjws. I haven't tried them though, so can't confirm they work properly.
  • Use auth0/jsonwebtoken, which runs on Node.js. With this option, you'll require to deploy a Node.js API Proxy, which can still run policies and set context variables.
  • Implement a Java Callout leveraging auth0/java-jwt. Similar to Node.js you can set context variables to continue to leverage your regular policies without impacting your current codebase.

Give them a try and let us know your results.

View solution in original post

9 REPLIES 9

Not applicable

Three options here:

  • Use JS pure libraries: jsrassign or jsjws. I haven't tried them though, so can't confirm they work properly.
  • Use auth0/jsonwebtoken, which runs on Node.js. With this option, you'll require to deploy a Node.js API Proxy, which can still run policies and set context variables.
  • Implement a Java Callout leveraging auth0/java-jwt. Similar to Node.js you can set context variables to continue to leverage your regular policies without impacting your current codebase.

Give them a try and let us know your results.

And actually there already IS a Java callout that does this, and you can use it without recompiling or knowing Java.

See here.

Good point @Dino! Thanks for keeping me honest!

Actually my application is accepting Javascript code only.

@Vinod I thought you meant to use this on Apigee. If, so Java is definitely an option. If it's on the client side, the two libraries above should do the trick for you!

I am trying by what library you have mentioned in JavaScript for RS256.

,

I need in JavaScript only because my application will accept JavaScript code.

Good stuff! Keep us posted.

I need in JavaScript only because my application will accept JavaScript code

ps: That does not amount to a good justification for using JS to sign a JWT.

Addendum: If you just want an RSA-signed JWT, then you can use the GenerateJWT policy, of course.

Available since late 2017.