Generating JWT token for Ghost CMS API

Here’s my little adventure into generating the JWT token for Ghost CMS.

  1. You need to use JWT Encode as this allows you to set the KID in the header which no other allows you to.
  2. You need to decode the Secret Key into its original binary byte array.

→ This is where you get stuck as you can’t do this in Bubble.

The javascript code is basically similar to this:

// Create the token (including decoding secret)
const token = jwt.sign({}, Buffer.from(secret, 'hex'), {
    keyid: id,
    algorithm: 'HS256',
    expiresIn: '5m',
    audience: `/admin/`

Basically I seem stuck on how to get the secret key correctly converted – Any ideas?


This is the bit of the documentation on which I’m stuck: