To streamline and secure API authentication, we use JSON Web Tokens (JWTs) to generate authentication headers automatically. This guide outlines the information needed from you to set up efficiently and prevent repeated access token requests.
Please complete the following fields:
Go to the Target Page, click on your API Target/Settings icon to open the target setup.
For your Target Setup, please select API Auth. Select the Authentication type as JWT Bearer.
1. Algorithm
Specify the signing algorithm used to sign your JWTs.
Accepted values: HS256 or RS256
If you're not sure which to choose, check your current API authentication method Or consult your developer.
2. Secret
This is your secret key used to sign (or verify) the JWT token.
For HS256, provide the shared secret.
For RS256, provide the private key if we're generating tokens, or the public key if we are verifying them.
Example:tu53RLzSrG
Optional: Let us know if the secret is Base64 encoded so we can decode it appropriately.
3. JWT Payload
The token body includes claims such as user ID, roles, and expiration details.
Please provide a sample payload in JSON format.
Example:
json{
"sub":
"[email protected]",
"exp": 1714675200,
"role": "admin"
}
4. JWT Header
The JWT header typically contains the algorithm and the type of token. If you use a custom header, please specify it.
Example:
json{
"alg": "HS256",
"typ": "JWT"
}
5. Header Prefix
Specify the prefix used in the Authorization header, typically:
Bearer (default)
6. Header Name
Specify the name of the HTTP header used to send the token.
Default: Authorization
Change only if your system uses a custom header name.