Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Sign the JWT with KID and Private Key

Go to solution
Sivateja
New Contributor
New Contributor

‎07/02/2024 03:48 AM

Hi Team,

Could someone help me in signing the JWT? I have Key ID and Private Key with me.

Regards,

Sivateja

Labels:
0 Kudos
9 REPLIES 9

Go to solution
rushikeshvartak
All-Star
All-Star

‎07/02/2024 12:06 PM

Online Tool: jwt.io

If you prefer to use an online tool, you can use jwt.io to manually create and sign your JWT.

  1. Open jwt.io: Go to jwt.io.

  2. Header: Enter the header in the "Decoded" section. It will typically look like this:

    json
    {
    "alg": "RS256", "typ": "JWT", "kid": "YOUR_KEY_ID" }

  3. Payload: Enter your payload. For example:

    json
    { "sub": "subject", "iss": "issuer", "exp": 1609459200 // Unix timestamp for expiration }

  4. Signature: Paste your private key into the "Verify Signature" section. Make sure to remove the -----BEGIN PRIVATE KEY----- and -----END PRIVATE KEY----- lines and any whitespace.

  5. Copy JWT: The signed JWT will be generated in the "Encoded" section at the top. You can copy it from there.

Make sure to replace placeholders like YOUR_KEY_ID, subject, issuer, and path/to/your/private-key.pem with your actual values and paths.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.
0 Kudos

Go to solution
Sivateja
New Contributor
New Contributor
In response to rushikeshvartak

‎07/10/2024 07:07 AM

Hi

On the signature part, it is asking for both Private key and Public key when I select the algorithm ES256. But I only had private key with me.

Due to this it is throwing an error like invalid signature. 

 

 

0 Kudos

Go to solution
NM
Esteemed Contributor
Esteemed Contributor

‎07/10/2024 07:27 AM

Hi @Sivateja are you trying to create JWT online or in saviynt?


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'
0 Kudos

Go to solution
Sivateja
New Contributor
New Contributor
In response to NM

‎07/10/2024 07:35 AM

Hi @NM ,

Yes, I tried with JWT.IO as recommended. 

But, I need to do this in Saviynt as well. I have followed the developer guide for creating connection JSON for JWT authentication. But it is getting failed.

To ensure that I checked in jwt.io as well. There are also it is saying invalid signature.

0 Kudos

Go to solution
NM
Esteemed Contributor
Esteemed Contributor

‎07/10/2024 07:38 AM

@Sivateja you only have to add private key .. no need to add public.. what error do you get

Share connection json... Mask confidential values..


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'
0 Kudos

Go to solution
Sivateja
New Contributor
New Contributor
In response to NM

‎07/10/2024 07:45 AM

Here is the connection JSON

{
"authentications": {
"acctAuth": {
"authType": "Jwt",
"httpParamsName": "assertion",
"jwtConfig": {
"jwtHeader": {
"alg": "ES256",
"typ": "JWT",
"kid": "*********"
},
"jwtPayload": {
"iss": "******",
"sub": "user",
"aud": "appstoreconnect-v1",
"scope": "https://api.appstoreconnect.apple.com/v1/users"
},
"signedAlgorithm": "ES256",
"key": "-----BEGIN PRIVATE KEY----- ********** -----END PRIVATE KEY-----",
"jwtExpiryDuration": 120
},
"url": "https://api.appstoreconnect.apple.com",
"httpMethod": "POST",
"httpParams": {
"grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer"
},
"httpContentType": "application/x-www-form-urlencoded",
"retryFailureStatusCode": [
401,
500,
400
],
"authError": [
"SESSION_NOT_VALID",
"AuthenticationFailed",
"ExpiredJwtException",
"401 Unauthorized",
"401",
"You couldn't be authenticated"
],
"errorPath": "code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"accessToken": "abc"
}
}
}

0 Kudos

Go to solution
NM
Esteemed Contributor
Esteemed Contributor

‎07/10/2024 07:56 AM

@Sivateja, no need to add begin and end in key field of connection json


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'
0 Kudos

Go to solution
Sivateja
New Contributor
New Contributor
In response to NM

‎07/10/2024 07:57 AM

@NM I tried by removing them only. Just for reference I have given here.

0 Kudos

Go to solution
Sivateja
New Contributor
New Contributor
In response to Sivateja

‎07/10/2024 08:05 AM

@NM Please find the logs as well.

Preview file
4 KB
0 Kudos
Copyright © 2024 Khoros, LLC