Comment on page
JSON Web Token (JWT)
RPC Fast operates with JSON Web Token. Here we explain the way it works
It is a JSON object defined in the RFC 7519 open standard. It is a safe method of exchanging information and representing claims with a high level of security. If you enable it, only authorized requests will proceed.
Follow our step-by-step instructions to send JWT requests on RPC Fast.
RS256 is an asymmetrical key. After creating one, you receive both public and private keys. You will use the private one to create a signature and the public one to check its authenticity.
# generate rsa key
openssl genrsa -out jwtRSA256-private.pem 2048
openssl rsa -in jwtRSA256-private.pem -pubout -outform PEM -out jwtRSA256-public.pem
- 1.Login -> Dashboard -> App Page -> Settings
- 2.Tap ‘Add token’ in the JWT Token section and type the public RS256 key from the previous step.
- 3.Clicking on ‘Add’ to get a public ID
You should add JWT to all headers of requests to enable its work. To create a full-fledged JSON Web Token, you must fill out HEADER, PAYLOAD, and SIGNATURE cells.
Field | Description | Example |
---|---|---|
alg | Write the signing algorithm you apply | RS256 |
typ | Fill out the token type | JWT |
kid | Write your key id from the previous step | 10e03c88-098d-47cb-b451-a67f2137fqcf |
Field | Description | Example |
---|---|---|
aud | Who can operate with this token | rpcfast.com |
exp | The validity time in a unix format (24 hours maximally) | 1656907527 |
Use an epoch converter to receive a UNIX timestamp from a human-readable one or apply a unified command.
- 1.Encode a header.
- 2.Encode a payload.
- 3.Encode an algorithm from the title.
- 4.Take it all together and sign via the specific command.
# To encode a signature
sig=`echo -n "$header.$payload" | openssl dgst -sha256 -binary -sign jwtRSA256-private.pem | openssl enc -base64 | tr -d '\n=' | tr -- '+/' '-_'`
Now you have your JSON Web Token! It looks like an encoded header, signature, and payload.
# JWT = header.payload.signature
jwt=`echo $header.$payload.$sig`
echo $jwt
You will need a debugger to verify it.
Add JWT to the request header entry to proceed with it correctly.
If you try sending requests with a wrong JWT or without it after enabling, a program will show the error 401 status code (security troubles). Disable JWT or enter the right one to continue operations.
{"error":"invalid payload or JWT configuration"}
PRC Fast is OK with key rotation. All you need to do is to upload a new one.
Last modified 1yr ago