Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Expanded options for signing and encrypting JSON Web Tokens (8.4)

Updated on May 3, 2021

You can now authenticate using JSON Web Token (JWT) token profiles to symmetrically and asymmetrically encrypt both signatures and content. Pega now supports all algorithms in the Nimbus JWT library, including nested tokens. Custom key identifier headers (kid) are also supported. Use token profiles to securely propagate identities and transfer data between systems.

The following figure shows a sample token profile that encrypts both signature and content with a selected algorithm.

Token profile example with new fields for signature and encryption enhancements
Token profile example with new fields for signature and encryption enhancements

 

For more information, see Creating a processing JSON Web token profile.

For more information, see Creating a generation JSON Web token profile.

  • Previous topic Configure an authentication profile with a JSON Web Token Bearer grant type (8.4)
  • Next topic Simplify access with an Application URL alias (8.4)

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us