The JSON Web Token Validation Processor validates JSON Web Tokens for authentication.
Select the Processor Configuration tab and click on Add Processor.
Select the JSON Web Token Validation Processor from the drop-down.
In the Basic tab you can set:
Throw Exception on Rejection: whether or not to throw an exception upon rejection
Token Source: Where in the request is the token located?
Token Source Key: The key to use to retrieve the token. Either the name of a Query Parameter or a Cookie
In the Conditional Execution tab, you can set additional processor execution conditions. The Transaction data dependent condition may be specified here as enhanced expression. If this expression returns anything other than TRUE (ignore case) – this processor will be skipped.
On the Token Signature Validation tab you can set:
Signature Algorithm Family: the family that the algorithm used to sign the token belongs to. For example, RSASSA-PKCS1 SHA-256 belongs to the RSASSA family.
HMAC Secret: the secret used to generate the HMAC signature for the token.
KeyStore File: the KeyStore containing the key to validate the token.
KeyStore Type: the type of the KeyStore containing the key to validate the token.
Key Alias: the password for the KeyStore containing the key to validate the token.
Cache KeyStore: If the Key Store should be cached