Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Sign the JWT with KID and Private Key

Sivateja
New Contributor
New Contributor

Hi Team,

Could someone help me in signing the JWT? I have Key ID and Private Key with me.

Regards,

Sivateja

9 REPLIES 9

rushikeshvartak
All-Star
All-Star

Online Tool: jwt.io

If you prefer to use an online tool, you can use jwt.io to manually create and sign your JWT.

  1. Open jwt.io: Go to jwt.io.

  2. Header: Enter the header in the "Decoded" section. It will typically look like this:

    json
    {
    "alg": "RS256", "typ": "JWT", "kid": "YOUR_KEY_ID" }
  3. Payload: Enter your payload. For example:

    json
    { "sub": "subject", "iss": "issuer", "exp": 1609459200 // Unix timestamp for expiration }
  4. Signature: Paste your private key into the "Verify Signature" section. Make sure to remove the -----BEGIN PRIVATE KEY----- and -----END PRIVATE KEY----- lines and any whitespace.

  5. Copy JWT: The signed JWT will be generated in the "Encoded" section at the top. You can copy it from there.

Make sure to replace placeholders like YOUR_KEY_ID, subject, issuer, and path/to/your/private-key.pem with your actual values and paths.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.

Hi

On the signature part, it is asking for both Private key and Public key when I select the algorithm ES256. But I only had private key with me.

Due to this it is throwing an error like invalid signature. 

 

 

NM
Esteemed Contributor
Esteemed Contributor

Hi @Sivateja are you trying to create JWT online or in saviynt?


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Sivateja
New Contributor
New Contributor

Hi @NM ,

Yes, I tried with JWT.IO as recommended. 

But, I need to do this in Saviynt as well. I have followed the developer guide for creating connection JSON for JWT authentication. But it is getting failed.

To ensure that I checked in jwt.io as well. There are also it is saying invalid signature.

NM
Esteemed Contributor
Esteemed Contributor

@Sivateja you only have to add private key .. no need to add public.. what error do you get

Share connection json... Mask confidential values..


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Sivateja
New Contributor
New Contributor

Here is the connection JSON

{
"authentications": {
"acctAuth": {
"authType": "Jwt",
"httpParamsName": "assertion",
"jwtConfig": {
"jwtHeader": {
"alg": "ES256",
"typ": "JWT",
"kid": "*********"
},
"jwtPayload": {
"iss": "******",
"sub": "user",
"aud": "appstoreconnect-v1",
"scope": "https://api.appstoreconnect.apple.com/v1/users"
},
"signedAlgorithm": "ES256",
"key": "-----BEGIN PRIVATE KEY----- ********** -----END PRIVATE KEY-----",
"jwtExpiryDuration": 120
},
"url": "https://api.appstoreconnect.apple.com",
"httpMethod": "POST",
"httpParams": {
"grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer"
},
"httpContentType": "application/x-www-form-urlencoded",
"retryFailureStatusCode": [
401,
500,
400
],
"authError": [
"SESSION_NOT_VALID",
"AuthenticationFailed",
"ExpiredJwtException",
"401 Unauthorized",
"401",
"You couldn't be authenticated"
],
"errorPath": "code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Bearer",
"accessToken": "abc"
}
}
}

NM
Esteemed Contributor
Esteemed Contributor

@Sivateja, no need to add begin and end in key field of connection json


If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'

Sivateja
New Contributor
New Contributor

@NM I tried by removing them only. Just for reference I have given here.

@NM Please find the logs as well.