How to generate the signed and encrypted JWT access token in FusionAuth

Question

I am using FusionAuth. We have created one application in it. It is an OAuth application.

It generates the JWT access token. I copy the access token and past it in the https://jwt.io/ debugger and see that, it is able to decode the JWT token and I am able to see the payload of the JWT. As this JWT is only signed and not encrypted.

Here, I want to generate the JWT as encrypted, So how I can generate JWT access token as encrypted, So basically I want a Signed and encrypted JWT and how fusion will validate it if we find a way to generate the JWT in an encrypted way?

Thank you.

score 3 · Accepted Answer · answered Dec 31 '19 at 16:22

3

FusionAuth does not currently support JWT encryption, we only support signing using HMAC, RSA or EC algorithms.

You could sign and encrypt a JWT outside of FusionAuth but FusionAuth will not be able to validate the signature.

If this is something you'd like to see in FusionAuth please open a feature request on our GitHub issues repository.

Thanks!

answered Dec 31 '19 at 16:22

robotdan

1,022
1
9
17

Thanks for the reply So is there any way to use "secret-Salt" while signing the JWT? – Dhaval Bhoot Jan 01 '20 at 12:13
@DhavalBhoot No, we would need to add new function to the product. – robotdan Jan 01 '20 at 23:02

score -2 · Answer 2 · answered Dec 31 '19 at 15:10

-2

You have to add some secret string (salt) in second parameter just like this :

var token = jwt.sign({ foo: 'bar' }, 'I'm-secret-Salt ')

answered Dec 31 '19 at 15:10

hussam abdallah

1
1

Thanks for the reply. How can I achieve this in FusionAuth? Do I need to write this in Lambda delegate or somewhere else? – Dhaval Bhoot Dec 31 '19 at 15:16
This answer assumes some specific JWT signing library, the user is asking how to accomplish this in FusionAuth specifically. – robotdan Dec 31 '19 at 16:19

How to generate the signed and encrypted JWT access token in FusionAuth

2 Answers2