JWT token

When generating JWT payload,

1. The expiration should be long enough (the example below sets 3 years for expiration)

2. Set accessKey on payload claim

3. Generate JWT with secretKey (base64EncodedSecretKey)

JWT should be delivered in the header of the HTTP request.

import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.util.Date;
public class JwtAuthorizationGeneratorSample {
    public static void main(String[] args) {

        String algorithm = "HS256";
        String base64EncodedSecretKey = "{secretKey}";
        long expiration = System.currentTimeMillis() + 3 * 365 * 24 * (60 * 60 * 1000L);
        String accessKey = "{accessKey}";

        JwtBuilder builder = Jwts.builder()
            .signWith(SignatureAlgorithm.forName(algorithm), base64EncodedSecretKey)
            .setExpiration(new Date(expiration))
            .setIssuedAt(new Date())
            .claim("accessKey", accessKey);
      
        String jwt = builder.compact();
        System.out.printf("jwt: " + jwt);
    }
}

Check the following example of how to use JWT in the header.

curl --location --request GET 'https://private.shopliveapi.com/v2/{accessKey}/campaign/{campaignKey}' \ 
--header 'Authorization: Bearer {JWT_TOKEN}'