SSP Tokens Reference
1. Format
All SSP tokens implement JWT standard as defined in RFC 7519.
It is therefore structured in three parts :
Header
Payload
Signature
Each part is base-64 encoded and separated with a "." (dot):
base64Encode(header) + "." + base64Encode(payload) + "." + base64Encode(signature)
How to sign the token :
The key used in the signing corresponds to the SSP tenant's credential identified by "kid" claim from the token's header.
Algorithm used is HMAC-SHA256 as described in https://tools.ietf.org/html/rfc7518 , section 5.2.
2. Sample
2.1. HEADER
{
"alg": "HS256",
"typ": "JWT",
"kid": "263953"
}
2.2. PAYLOAD
{
"typ": "DevAuthN",
"ver": "John Doe",
"exp": 1516239022,
"tenantId": "VOD197TC",
"deviceId": "Nagra_test_device_0123"
}
2.3. SIGNATURE
HMACSHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
) secret base64 encoded
2.4. RESULT
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjI2Mzk1MyJ9.eyJ0eXAiOiJEZXZBdXRoTiIsInZlciI6IkpvaG4gRG9lIiwiZXhwIjoxNTE2MjM5MDIyLCJ0ZW5hbnRJZCI6IlZPRDE5N1RDIiwiZGV2aWNlSWQiOiJOYWdyYV90ZXN0X2RldmljZV8wMTIzIn0.YwmO0Gu6TYlYbvXMIiHkoDfm9y4jJ7Nhq2s-QqaedGc
3. Tools
To create an SSP token, please refer to:
JWT Token Creation (SSP-specific tool)
4. Available SSP Tokens
Refer to → Related content