...

Code Block
string validateJwt(
    string openIdServer,
    string token,
    map<string, any> claimsToValidate, // Optional
    string algorithm ) // Optional

Parameters

| Parameter | Description |
| --- | --- |
| openIdServer | The destination URL of the token to be verified. |
| token | The value of the token. |
| claimsToValidate | An optional map field to declare the claims as well as the corresponding value to validate against the token. |
| algorithm | An optional field to verify the signing algorithm used by the token. Possible values are RSA256, RSA384, RSA512, ECDSA256, ECDSA384, ECDSA512. By default, the APL function uses RSA256. |

Returns

An error message on validation failure. Null on validation success.

Example

Example of the validateJwt function with claims and algorithm optional values populated.

Code Block
string token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im5PbzNaRHJPRFhFSzFqS1doWHNsSFJfS1hFZyIsImtpZCI6Im5Pbz";
map<string, any> claimsToValidate = mapCreate(string, any);
mapSet(claimsToValidate, "appidacr", "2");
mapSet(claimsToValidate, "aud", "ae47e8fd-b2be-4626-a7b5-19d28961ba1e");
string error_message = JwtValidation.validateJwt("https://10.60.10.30/endpoint", token, claimsToValidate, "RSA512");

JWKS Cache

The cache is accessible only from the backend, and users cannot update it. It is used to reduce the number of connections to the OpenID server and is reset if the workflow is aborted.

Code Block
{
  "[kid #1]": {
    "use": "sig",
    "kty": "RSA",
    "kid": "e1583dde-e337-4bda-abf5-85a8fed1bafb",
    "alg": "RS256",
    "n": "** public key in here **",
    "e": "AQAB"
  },
  "[kid #2]": {
    "use": "sig",
    "kty": "RSA",
    "kid": "e1583dde-e337-4bda-abf5-85a8fed1bafa",
    "alg": "RS256",
    "n": "** public key in here **",
    "e": "AQAB"
  }
}
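
The checks a validator can make against a kid-keyed cache like the one above before it verifies the signature, as an added Python example (not the APL function's own code): algorithm pinning, key lookup by kid, and comparison of the claimsToValidate entries. The names precheck_jwt, make_token and b64url_json are hypothetical, the mapping from the page's algorithm names to JWS "alg" values is an assumption, and signature verification itself is not performed here.

```python
import base64
import json

# Assumption: the page's algorithm names map to these JWS "alg" header values.
ALG_NAMES = {"RSA256": "RS256", "RSA384": "RS384", "RSA512": "RS512",
             "ECDSA256": "ES256", "ECDSA384": "ES384", "ECDSA512": "ES512"}

# Constructed cache keyed by kid, shaped like the JWKS cache above.
KID = "e1583dde-e337-4bda-abf5-85a8fed1bafb"
SAMPLE_CACHE = {KID: {"use": "sig", "kty": "RSA", "kid": KID, "alg": "RS256",
                      "n": "** public key in here **", "e": "AQAB"}}

def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) to a JSON object."""
    obj = json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))
    if not isinstance(obj, dict):
        raise ValueError("segment is not a JSON object")
    return obj

def make_token(header, payload, signature="c2ln"):
    """Build a constructed sample token with a dummy signature segment."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).decode().rstrip("=")
    return ".".join([enc(header), enc(payload), signature])

def precheck_jwt(token, jwks_cache, claims_to_validate=None, algorithm="RSA256"):
    """Return (error, jwk); error is None when every pre-signature check passes."""
    expected = ALG_NAMES.get(algorithm)
    if expected is None:
        return "unsupported algorithm: " + algorithm, None
    parts = token.split(".")
    if len(parts) != 3:
        return "malformed token", None
    try:
        header, payload = b64url_json(parts[0]), b64url_json(parts[1])
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return "undecodable header or payload", None
    # Pin the algorithm to the caller's choice instead of trusting the header.
    if header.get("alg") != expected:
        return "alg mismatch: expected " + expected, None
    kid = header.get("kid")
    jwk = jwks_cache.get(kid) if isinstance(kid, str) else None
    if jwk is None:
        return "unknown kid", None
    if jwk.get("use") != "sig" or jwk.get("alg", expected) != expected:
        return "cached key not valid for " + expected, None
    for name, want in (claims_to_validate or {}).items():
        if payload.get(name) != want:
            return "claim mismatch: " + name, None
    return None, jwk  # next step (not shown): verify the signature with jwk
```

A token that passes these checks is not yet trusted; the returned key still has to verify the signature over the first two segments.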

...