Example 1: Authenticate Airlock IAM Loginapp session with JWT in URLĀ 

The JWT ticket used in this example contains the following data (and a signature):

Example JWT Ticket

  "typ": "JWT",
  "alg": "HS512"
  "sub": "jdoe",
  "nbf": 1518002352,
  "roles": "authenticated",
  "iss": "Airlock IAM",
  "exp": 1518002362,
  "iat": 1518002357,
  "jti": "b8703462-0980-4d90-a51f-fb40f3fda8e3",
  "seclevel": "-1"

In an URL, the ticket would be used as follows (JWT value truncated):


This sample JWT was generated by the "SSO Ticket Identity Propagator" plugin. Use any JWT library or tool to generate a valid JWT.

Check the documentation of the "JWT Ticket Decoder" plugin to see what claims (attributes), signature- and encryption algorithms are supported.

Not all claims (attributes) shown in the sample JWT are required. The configuration of the JWT-validating plugin (see below) defines the set of required claims.