New Plugin: JSON Web Tokens

Anticode · May 14, 2021, 2:31pm

We’ve released a new plugin: JWT

This plugin allows you generate Json Web Tokens (JWTs) within your Bubble application. These are often used to authenticate with third party applications/APIs. The plugin runs on the server an allows you to generate and sign JWTs for the following algorithms: HS256,HS384,HS512,RS256,RS384,RS512,ES256,ES384,ES512

You can set the payload of the JWT, the expiration time, time before it becomes valid and the secret key to sign the JWT. For the RSA and ECDSA algorithm you will have to use an encoded private key. You also have access to the “Verify JWT” action which allows you to decode and check the validity of a JWT.

For a demo of this Plugin please visit: https://anticodepluginsnew.bubbleapps.io/version-test/jwtgenerate

For a demo of this plugin in the Bubble editor please visit: Anticodepluginsnew | Bubble Editor

Plugin page: Json Web Token Plugin | Bubble

Cheers,
Noel

dos · May 15, 2021, 7:32am

Hi @Anticode - this is (almost) exactly what I need - is it possible to remove the requirement to have expiry?

The use case is Stream’s API: https://getstream.io/docs_rest/ which won’t accept the expiries in the payload.

Eg, the payload it wants is the pure payload:

But the plugin is adding 3 extra fields:

Anticode · May 15, 2021, 10:28am

Sure no problem, give us 5 minutes and we’ll push an update.

Anticode · May 15, 2021, 10:31am

Done! The update is live. There are 2 actions: 1 with the expiry date and notbefore date and one without.

Cheers,
Noel

dos · May 15, 2021, 11:26am

That is a whole new level of service - thanks guys!

dos · May 16, 2021, 7:54am

Hi Noel,

I’ve managed to have a look at this - unfortunately, it’s still including an additional field “iat”:

Is it possible for it solely to use the payload given?

Anticode · May 16, 2021, 3:28pm

Hi,

we just released another update that fixes this. the IAT field is now removed.

Cheers,
Noel

Anticode · June 3, 2021, 5:21pm

Setup Video Tutorial: Generate and Verify Json Web Tokens in Bubble.io - YouTube

gilles · June 4, 2021, 11:51am

Thank you for this plugin. Going to use this when I setup my jitsi server + other services.

yavuzcelalca · March 19, 2022, 7:38pm

Hi Noel,
I need to send specific header
{
“alg”: “HS256”,
“typ”: “JWT”,
“dd-ver”: “DD-JWT-V1”
}
is it possible to do that?

user.media · May 15, 2022, 1:51am

Hi there @anticode. I’ve been using your plugin for many months now with perfect success. However, last week it began throwing an error. I checked your demo implementation on your website and it too is giving the same error message. Your urgent help would be greatly appreciated. Thanks!

Anticode · May 15, 2022, 10:11am

Yes we’re looking into this right now

Anticode · May 15, 2022, 10:56am

We just released an update that fixes the bug. Please upgrade the plugin to the latest version

toby2 · June 1, 2022, 8:37pm

Is the custom header possible?

novickiy.digital · September 7, 2022, 1:55pm

Can’t figure out how to work with RS256. Everytime recieve error:

{“library”:“PEM routines”,“function”:“get_name”,“reason”:“no start line”,“code”:“ERR_OSSL_PEM_NO_START_LINE”}

Could somebody help?