---
title: JWT_SIGN
url: https://www.tines.com/docs/formulas/functions/jwt-sign/
kind: formula-function
---

*[tines.com](https://www.tines.com/llms.txt) › [Docs](https://www.tines.com/docs/llms.txt) › [Formulas](https://www.tines.com/llm/docs/formulas.md) › [Functions](https://www.tines.com/llm/docs/formulas/functions.md)*

# JWT_SIGN

*[View on tines.com](https://www.tines.com/docs/formulas/functions/jwt-sign/)*

Creates a JSON Web Token from the provided payload, secret/key, and algorithm. Default algorithm is RS256 if not specified. Supports HMAC (HS256/HS384/HS512), RSA (RS256/RS384/RS512), and ECDSA (ES256/ES384/ES512) algorithms. Can include standard JWT claims like exp, nbf, iss, aud, jti, iat, sub and custom header fields like kid, typ. Supports both PEM format keys and JWK (JSON Web Key) format for RSA and ECDSA keys.

**Categories:** Hashing/Signing

## Syntax

```
JWT_SIGN(claim_set, key, [algorithm=RS256], [headers])
```

## Examples

### Example 1

Formula:

```
JWT_SIGN({"iss":"Test Company","iat":1676003525,"exp":1707539525,"aud":"www.example.com","sub":"jsmith@example.com"}, CREDENTIAL.jwt_hmac_key, "HS256", {"typ":"JWT"})
```

### Example 2

Input:

```json
{}
```

Formula:

```
JWT_SIGN({"user_id": 123}, "secret", "HS256")
```

Output:

```json
"eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxMjN9.FoW4dUPr9HWzOI8S7Ohpe3hGULZEJhNJeouOX8f1sz8"
```

### Example 3

Input:

```json
{
  "payload": {
    "user_id": 123,
    "role": "admin"
  },
  "rsa_private_key": "-----BEGIN RSA PRIVATE KEY-----\\n...\\n-----END RSA PRIVATE KEY-----"
}
```

Formula:

```
JWT_SIGN(payload, rsa_private_key, "RS256", exp: DATE(NOW() + DAYS(1), "%s"))
```

Output:

```json
"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1c2VyX2lkIjoxMjMsInJvbGUiOiJhZG1pbiIsImV4cCI6MTcwNTg4NjQwMH0.signature"
```

### Example 4

Input:

```json
{
  "payload": {
    "sub": "user123"
  },
  "jwk_key": {
    "kty": "RSA",
    "n": "base64url_encoded_modulus",
    "e": "AQAB",
    "d": "base64url_encoded_private_exponent"
  }
}
```

Formula:

```
JWT_SIGN(payload, jwk_key, "RS256", kid: "key-123")
```

Output:

```json
"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImtleS0xMjMifQ.eyJzdWIiOiJ1c2VyMTIzIn0.signature"
```

## Sample actions

```json
{
  "standardLibVersion": "13",
  "actionRuntimeVersion": "2",
  "agents": [
    {
      "disabled": false,
      "name": "My Action",
      "description": null,
      "options": {
        "mode": "message_only",
        "loop": false,
        "payload": {
          "claims": {
            "iss": "Test Company",
            "iat": 1676003525,
            "exp": 1707539525,
            "aud": "www.example.com",
            "sub": "jsmith@example.com"
          },
          "headers": {
            "typ": "JWT"
          }
        }
      },
      "position": {
        "x": 2325,
        "y": 2895
      },
      "type": "eventTransformation",
      "timeSavedUnit": "minutes",
      "timeSavedValue": 0,
      "monitorAllEvents": false,
      "monitorFailures": false,
      "monitorNoEventsEmitted": null,
      "form": null
    },
    {
      "disabled": false,
      "name": "JWT_SIGN",
      "description": "",
      "options": {
        "mode": "message_only",
        "loop": false,
        "payload": {
          "jwt_sign": "=JWT_SIGN(my_action.claims, CREDENTIAL.jwt_hmac_key, \"HS256\", my_action.headers)"
        }
      },
      "position": {
        "x": 2325,
        "y": 3000
      },
      "type": "eventTransformation",
      "timeSavedUnit": "minutes",
      "timeSavedValue": 0,
      "monitorAllEvents": false,
      "monitorFailures": false,
      "monitorNoEventsEmitted": null,
      "form": null
    }
  ],
  "links": [
    {
      "sourceIdentifier": 0,
      "receiverIdentifier": 1
    }
  ],
  "diagramNotes": []
}
```
