Skip to main content

Expanded options for signing and encrypting JSON Web Tokens (8.4)

Suggest edit Updated on May 3, 2021

You can now authenticate using JSON Web Token (JWT) token profiles to symmetrically and asymmetrically encrypt both signatures and content. Pega now supports all algorithms in the Nimbus JWT library, including nested tokens. Custom key identifier headers (kid) are also supported. Use token profiles to securely propagate identities and transfer data between systems.

The following figure shows a sample token profile that encrypts both signature and content with a selected algorithm.

Token profile example with new fields for signature and encryption enhancements
Token profile example with new fields for signature and encryption enhancements

 

For more information, see Creating a processing JSON Web token profile.

For more information, see Creating a generation JSON Web token profile.

  • Previous topic Configure an authentication profile with a JSON Web Token Bearer grant type (8.4)
  • Next topic Simplify access with an Application URL alias (8.4)
Did you find this content helpful? YesNo

100% found this useful

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us