The JWT ticket used in this example contains the following data (and a signature):
Example JWT Ticket
{
"typ": "JWT",
"alg": "HS512"
}
{
"sub": "jdoe",
"nbf": 1518002352,
"roles": "authenticated",
"iss": "Airlock IAM",
"exp": 1518002362,
"iat": 1518002357,
"jti": "b8703462-0980-4d90-a51f-fb40f3fda8e3",
"seclevel": "-1"
}In an URL, the ticket would be used as follows (JWT value truncated):
https://my.host.com/iam/check-login?lang=de&sso=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIi...
This sample JWT was generated by the "SSO Ticket Identity Propagator" plugin. Use any JWT library or tool to generate a valid JWT.
Check the documentation of the "JWT Ticket Decoder" plugin to see what claims (attributes), signature- and encryption algorithms are supported.
Not all claims (attributes) shown in the sample JWT are required. The configuration of the JWT-validating plugin (see below) defines the set of required claims.