JSON Web Token (JWT)

RPC Fast operates with JSON Web Token. Here we explain the way it works

JSON Web Token (JWT) in simple words

It is a JSON object defined in the RFC 7519 open standard. It is a safe method of exchanging information and representing claims with a high level of security. If you enable it, only authorized requests will proceed.

JSON Web Token (JWT) is available on the Enterprise pricing plan only.

Apply JWT

Follow our step-by-step instructions to send JWT requests on RPC Fast.

Generate RSA-256 keys

RS256 is an asymmetrical key. After creating one, you receive both public and private keys. You will use the private one to create a signature and the public one to check its authenticity.

# generate rsa key
openssl genrsa -out jwtRSA256-private.pem 2048
openssl rsa -in jwtRSA256-private.pem -pubout -outform PEM -out jwtRSA256-public.pem

Enable JWT in RPC Fast

Login -> Dashboard -> App Page -> Settings
Tap ‘Add token’ in the JWT Token section and type the public RS256 key from the previous step.
Clicking on ‘Add’ to get a public ID

Generate the JSON Web Token

You should add JWT to all headers of requests to enable its work. To create a full-fledged JSON Web Token, you must fill out HEADER, PAYLOAD, and SIGNATURE cells.

Field	Description	Example
alg	Write the signing algorithm you apply	RS256
typ	Fill out the token type	JWT
kid	Write your key id from the previous step	10e03c88-098d-47cb-b451-a67f2137fqcf

Field

Description

Example

alg

Write the signing algorithm you apply

RS256

typ

Fill out the token type

JWT

kid

Write your key id from the previous step

10e03c88-098d-47cb-b451-a67f2137fqcf

Payload

Field	Description	Example
aud	Who can operate with this token	rpcfast.com
exp	The validity time in a unix format (24 hours maximally)	1656907527

Field

Description

Example

aud

Who can operate with this token

rpcfast.com

exp

The validity time in a unix format (24 hours maximally)

1656907527

Use an epoch converter to receive a UNIX timestamp from a human-readable one or apply a unified command.

Signature

Encode a header.
Encode a payload.
Encode an algorithm from the title.
Take it all together and sign via the specific command.

# To encode a signature
sig=`echo -n "$header.$payload" | openssl dgst -sha256 -binary -sign jwtRSA256-private.pem  | openssl enc -base64 | tr -d '\n=' | tr -- '+/' '-_'`

JSON Web Token

Now you have your JSON Web Token! It looks like an encoded header, signature, and payload.

# JWT = header.payload.signature
jwt=`echo $header.$payload.$sig`
echo $jwt

You will need a debugger to verify it.

Sending requests with JSON Web Token

Add JWT to the request header entry to proceed with it correctly.

What should I do with a wrong JWT?

If you try sending requests with a wrong JWT or without it after enabling, a program will show the error 401 status code (security troubles). Disable JWT or enter the right one to continue operations.

{"error":"invalid payload or JWT configuration"}

Key rotation support

PRC Fast is OK with key rotation. All you need to do is to upload a new one.

PreviousArchive Node NextEthereum API

Last updated 2 years ago