Forum Academy Marketplace Showcase Pricing Features

Secure your Endpoints with JWT Tools, JWK encryption and decryption , create PEM Files on the fly - Security Salamander

Hi forums,

I’m releasing another plugin soon, this time dubbed Security Salamander.

https __s3.amazonaws.com_appforest_uf_f1663436551713x796856683199994400_icons8-axolotl

CONTEXT:

I was building a Fintech app using Plaid Webhooks for one of my clients. One of the very first problems I came across was finding a way to secure my API endpoint to ensure that I am only accepting API Requests from Plaid, and no one else. Since my client is in the world of American politics, there are many bad actors - and so any risk (otherwise insignificant) can become a huge problem.

PROBLEM:

By far the most common way of securing API endpoints is by using JWT (JSON Web Tokens). In Bubble, there is no way to “work” with JWT, or JWK (JSON Web Keys) which are vital to any JWT integration. The problem is that there are several ways of using JWT, all requiring their own encryption algorithms. For instance, Plaid uses JWT with an encryption algorithm that is completely different from Stripe’s.

SOLUTION:

My plugin, Security Salamander, will be a bundle of very useful server side actions that will let you use (most) JSON Web Tokens integrations: secure your endpoints, use more complicated API services, such as Stripe’s Pin management (currently incompatible with the API connector).

This plugin will support the most common encryption algorithms for encryption and decrypting JWK, let you create PEM files on the fly and more general actions to perform very common tasks with JSON.

I’ll update this post when I am ready to release. If anyone has any questions, comments or suggestions let me know :slight_smile:

6 Likes

Bruh, wow! If you need a tester… Salut! haha Can’t wait to try this out with our xano backend.

2 Likes

@Future

This is what I have so far, all seem to be working. For anyone wondering, the fetch action lets you fetch a public key from a URL and convert it into JSON.

Any suggestions / ideas?

@Future

Hey everyone!

I’ve just sent the plugin for review by Bubble. It should be available soon!

In the meantime, check out this YouTube introduction I made.

2 Likes

Can’t wait to try this. Need to secure my Stripe webhooks and excited for this. Commenting here so I can get an update when it’s live.

1 Like

I’m glad you are excited. I’ll always be here for questions and feature improvements. Good luck!

Hey!

While you are waiting for the plugin to release, you can check out this demo.

EDITOR: Plugin-testing-page | Bubble Editor

RUN MODE: https://plugin-testing-page.bubbleapps.io/version-test/security_salamander?debug_mode=true

It’s out now!

@Future @jacob.b.singer

It is available :smiley:

1 Like

ah yeah! will try asap. thanks jonah :slight_smile:

1 Like