JWT_SIGN
Creates a JSON Web Token from the provided payload, secret/key, and algorithm. Default algorithm is RS256 if not specified. Supports HMAC (HS256/HS384/HS512), RSA (RS256/RS384/RS512), and ECDSA (ES256/ES384/ES512) algorithms. Can include standard JWT claims like exp, nbf, iss, aud, jti, iat, sub and custom header fields like kid, typ. Supports both PEM format keys and JWK (JSON Web Key) format for RSA and ECDSA keys.
Categories: Hashing/Signing
Syntax
JWT_SIGN(claim_set, key, [algorithm=RS256], [headers])
Examples
Example 1
Formula
JWT_SIGN({"iss":"Test Company","iat":1676003525,"exp":1707539525,"aud":"www.example.com","sub":"jsmith@example.com"}, CREDENTIAL.jwt_hmac_key, "HS256", {"typ":"JWT"})
Example 2
Input
{}
Formula
JWT_SIGN({"user_id": 123}, "secret", "HS256")
Output
"eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxMjN9.FoW4dUPr9HWzOI8S7Ohpe3hGULZEJhNJeouOX8f1sz8"
Example 3
Input
1
{
2
"payload": {
3
"user_id": 123,
4
"role": "admin"
5
},
6
"rsa_private_key": "-----BEGIN RSA PRIVATE KEY-----\\n...\\n-----END RSA PRIVATE KEY-----"
7
}
Formula
JWT_SIGN(payload, rsa_private_key, "RS256", exp: DATE(NOW() + DAYS(1), "%s"))
Output
"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1c2VyX2lkIjoxMjMsInJvbGUiOiJhZG1pbiIsImV4cCI6MTcwNTg4NjQwMH0.signature"
Example 4
Input
1
{
2
"payload": {
3
"sub": "user123"
4
},
5
"jwk_key": {
6
"kty": "RSA",
7
"n": "base64url_encoded_modulus",
8
"e": "AQAB",
9
"d": "base64url_encoded_private_exponent"
10
}
11
}
Formula
JWT_SIGN(payload, jwk_key, "RS256", kid: "key-123")
Output
"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImtleS0xMjMifQ.eyJzdWIiOiJ1c2VyMTIzIn0.signature"
Sample actions
Select an action to inspect
You can also click "Copy actions" and paste them in your Tines story to see how they work.