Last updated
Was this helpful?
Last updated
Was this helpful?
Token introspection is the setup when Aidbox trusts JWT
issued by external server.
TokenIntrospector
Aidbox provides three ways to validate JWT tokens with TokenIntrospector
resource:
Set jwt.secret
property to the secret value used to sign the JWT.
Set jwks_uri
property to the URL of the JWKS endpoint.
Cryptographic keys functionality is available starting from version 2505.
TokenIntrospector allows you to use RSA
EC
OCT
keys to validate a JWT token.
Only one of the options listed above can be configured for each TokenIntrospector resource.
AccessPolicy
User
Build JWT
issuer
should be https://auth.example.com
expiration
should be in the future
subject
should be basic
(user id)
key
should be very-secret
string
Press Create Signed JWT
button to get signed JWT. The generated JWT
looks like this
JWT
to get the accessMake an HTTP request providing authorization
header with the JWT
as a Bearer
token.
with introspection_endpoint
:
Use to build your JWT. Mind the claims:
See all available .
This guide explains how to configure Aidbox to trust external JWT