JWT_SIGN

Creates a JSON Web Token from the provided payload, secret/key, and algorithm. Default algorithm is RS256 if not specified. Supports HMAC (HS256/HS384/HS512), RSA (RS256/RS384/RS512), and ECDSA (ES256/ES384/ES512) algorithms. Can include standard JWT claims like exp, nbf, iss, aud, jti, iat, sub and custom header fields like kid, typ. Supports both PEM format keys and JWK (JSON Web Key) format for RSA and ECDSA keys.

Syntax 

JWT_SIGN(claim_set, key, [algorithm=RS256], [headers])

Usage examples 

Example 1

Formula

JWT_SIGN({"iss":"Test Company","iat":1676003525,"exp":1707539525,"aud":"www.example.com","sub":"jsmith@example.com"}, CREDENTIAL.jwt_hmac_key, "HS256", {"typ":"JWT"})

Example 2

Input

{}

Formula

JWT_SIGN({"user_id": 123}, "secret", "HS256")

Output

"eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxMjN9.FoW4dUPr9HWzOI8S7Ohpe3hGULZEJhNJeouOX8f1sz8"

Example 3

Input

1
{
2
"payload": {
3
"user_id": 123,
4
"role": "admin"
5
},
6
"rsa_private_key": "-----BEGIN RSA PRIVATE KEY-----\\n...\\n-----END RSA PRIVATE KEY-----"
7
}

Formula

JWT_SIGN(payload, rsa_private_key, "RS256", exp: DATE(NOW() + DAYS(1), "%s"))

Output

"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1c2VyX2lkIjoxMjMsInJvbGUiOiJhZG1pbiIsImV4cCI6MTcwNTg4NjQwMH0.signature"

Example 4

Input

1
{
2
"payload": {
3
"sub": "user123"
4
},
5
"jwk_key": {
6
"kty": "RSA",
7
"n": "base64url_encoded_modulus",
8
"e": "AQAB",
9
"d": "base64url_encoded_private_exponent"
10
}
11
}

Formula

JWT_SIGN(payload, jwk_key, "RS256", kid: "key-123")

Output

"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImtleS0xMjMifQ.eyJzdWIiOiJ1c2VyMTIzIn0.signature"

Sample Actions 

Event Transform
My Action
Event Transform
JWT_SIGN

Select an action to inspect

You can also click "Copy actions" and paste them in your Tines story to see how they work.

Was this helpful?