pub:jwt:verifyJWT
WmPublic. Verifies the signature in a JWT, the token expiration time, and the not-before time.
The expirationTime identifies the time, on or after which the JWT is not accepted for processing. The expiration date or time must be equal or later than to the current date or time.
The notBeforeTime identifies the time before which the JWT is not accepted for processing. The not-before date or time must be equal to or earlier than the current date or time.
Input Parameters
jwt | String. The token to be verified. |
truststoreAlias | String. Optional. Alias of the truststore that contains the list of certificates, which Integration Server uses to verify the JWT. |
certAlias | String. Optional. Alias that identifies a particular trusted certificate within a truststore. |
Output Parameters
isJWTverified | Boolean. Indicates whether the JWT is verified or not. A value of: true indicates that the JWT is verified. false indicates that the JWT is not verified. |
message | String. Success message if verified or a failed message with reason. |
Usage Notes
If you specify the truststoreAlias and certAlias input parameters, the JWT verification is based on these inputs. Therefore, the issuer-certificate mapping in Integration Server Administrator, if any, is ignored.
If you do not specify the truststoreAlias and certAlias input parameters, the JWT verification is then based on the public key that you can get from the existing issuer-certificate mapping in Integration Server Administrator.
If you do not specify the truststoreAlias and certAlias input parameters, and an issuer-certificate mapping is not available in Integration Server Administrator, then the service returns an exception.