JWT Configuration Parameters

Previous Next JavaScript must be enabled to correctly display this content

1.1.5.3.3 JWT Configuration Parameters

You can specify the following parameters in the JWT configuration file:

Table 1-8 JWT Configuration Parameters

Parameter Name	Data Type Supported in JWT Token	Description
`JWT_AUD_CLAIM`	String , String Array	The value for this parameter must match the `aud` (audience) claim in the JWT token. Multiple values are supported, and a match is valid if any of the specified values matches the `aud` claim.
`JWT_ISS_CLAIM`	String	This value must match the `iss` (issuer) claim in the JWT token. Only a single value is supported.
`JWT_KEY_USE_HEADER`	String	This parameter value specifies the key usage type `kid` expected in the JWT header. For example, `SIGNING_KEY`. Only a single value is supported.
`JWT_HEADER_TYPE`	String	This parameter defines the expected `typ` (type) value in the JWT header, that should be `JWT`. Only a single value is supported.
`JWT_JTI_REPLAY_DETECTION`	String	This parameter enables or disables JWT ID `(jti)` replay detection to prevent token reuse. By default it's disabled.
`JWT_INSECURE_ALGO`	String	This parameter lists cryptographic algorithms that are considered insecure and are not permitted to be used. Multiple values are supported.
`JWT_ROLE_CLAIM`	String, String Array	This parameter specifies the expected role value in the JWT token. Multiple values are supported, and a match is valid if any of the specified values matches the `JWT_ROLE_CLAIM_NAME` `claim` of the JWT token.
`JWT_ROLE_CLAIM_NAME`	String	This parameter defines the claim name in the JWT token where the role information is stored . For example, `allow_roles`. Only a single value is supported If `JWT_PERMISSION_CLAIM` is set, the default value of `JWT_PERMISSION_CLAIM_NAME` is `permissions`.
`JWT_PERMISSION_CLAIM`	String, String Array	This parameter specifies the expected permission value(s) in the JWT token. Multiple values are supported, and a match is valid if any of the specified values match the `JWT_ROLE_CLAIM_NAME` claim of the JWT token.
`JWT_SCOPE_CLAIM`	String, String Array	This parameter specifies the expected scope value(s) in the JWT token. Multiple values are supported, and a match is valid if any of the specified values match the `scope` claim of the JWT token.
`JWT_ORIGIN_CLAIM`	String, String Array	This parameter specifies the expected origin(s) of the JWT token. such as the issuing domain. For example, https://oracle.com Multiple values are supported, and a match is valid if any of the specified values match the `origin` claim of the JWT token.
`JWT_ERROR_MAPPING_FILE`	String	This parameter specifies the path to the error mapping file used for custom JWT error handling.

Parent topic: Configuring JWT Authentication and Customizing Error Messages