JWTRule
JWTRule
JSON Web Token (JWT) token format for authentication as defined by RFC 75195. See OAuth 2.06 and OIDC 1.07 for how this is used in the whole authentication flow.
Examples:
Spec for a JWT that is issued by https://example.com
, with the audience claims must be either
bookstore_android.apps.example.com
or bookstore_web.apps.example.com
.
The token should be presented at the Authorization
header (default). The JSON Web Key Set (JWKS)
will be discovered following OpenID Connect protocol.
This example specifies a token in a non-default location (x-goog-iap-jwt-assertion
header). It also
defines the URI to fetch JWKS explicitly.
JWTHeader
This message specifies a header location to extract JWT token.