The JWT ticket used in this example contains the following data (and a signature):
Example JWT Ticket
{ "typ": "JWT", "alg": "HS512" } { "sub": "jdoe", "nbf": 1518002352, "roles": "authenticated", "iss": "Airlock IAM", "exp": 1518002362, "iat": 1518002357, "jti": "b8703462-0980-4d90-a51f-fb40f3fda8e3", "seclevel": "-1" }
In an URL, the ticket would be used as follows (JWT value truncated):
https://my.host.com/iam/check-login?lang=de&sso=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIi...
This sample JWT was generated by the "SSO Ticket Identity Propagator" plugin. Use any JWT library or tool to generate a valid JWT.
Check the documentation of the "JWT Ticket Decoder" plugin to see what claims (attributes), signature- and encryption algorithms are supported.
Not all claims (attributes) shown in the sample JWT are required. The configuration of the JWT-validating plugin (see below) defines the set of required claims.