All SSP tokens implement JWT standard as defined in RFC 7519. It is therefore structured in three parts:
Each part is base-64 encoded and separated with a "." (dot):
base64Encode(header) + "." + base64Encode(payload) + "." + base64Encode(signature)
In order to build signature, token's header and payload are signed:
- Signing key used corresponds to the SSP tenant's credential identified by "kid" claim from the token's header.
- Algorithm used is HMAC-SHA256 as described in https://tools.ietf.org/html/rfc7518 , section 5.2.
Resulting Encoded Token:
To create an SSP token, please refer to:
4. Available SSP Tokens
Refer to → Related content