JWT token

    JWT token

    Article Summary

    JWT token

    When generating JWT payload,

    1. expiration should be long enough (example below set 3 years for expiration)
    2. and set accessKey on payload claim
    3. and generate JWT with secretKey (base64EncodedSecretKey)

    JWT should be delivered in the header of the HTTP request

    import io.jsonwebtoken.JwtBuilder;
    import io.jsonwebtoken.Jwts;
    import io.jsonwebtoken.SignatureAlgorithm;
    import java.util.Date;
    public class JwtAuthorizationGeneratorSample {
        public static void main(String[] args) {
            String algorithm = "HS256";
            String base64EncodedSecretKey = "{secretKey}";
            long expiration = System.currentTimeMillis() + 3 * 365 * 24 * (60 * 60 * 1000L);
            String accessKey = "{accessKey}";
            JwtBuilder builder = Jwts.builder()
                .signWith(SignatureAlgorithm.forName(algorithm), base64EncodedSecretKey)
                .setExpiration(new Date(expiration))
                .setIssuedAt(new Date())
                .claim("accessKey", accessKey);
            String jwt = builder.compact();
            System.out.printf("jwt: " + jwt);

    Please see the following example of how to use JWT in the header.

    curl --location --request GET 'https://private.shopliveapi.com/v2/{accessKey}/campaign/{campaignKey}' \ 
    --header 'Authorization: Bearer {JWT_TOKEN}'