Verify the signature of a JSON Web token and decode the payload using extensible outputs.
Complete JWT, including the Base64 encoded header and payload, in addition to the signature.
Private or public key used to encrypt the signature of the JWT. Private keys need to be shared, but many algorithms can be decoded by a corresponding public key.
Identifies the recipients for which the JWT is intended. Value is a case-sensitive string containing a string or URI value. Use of the audience claim (aud) is optional.
Identifies the issuer of the JWT. Value is a case-sensitive string containing a string or URI value. Use of the issuer claim (iss) is optional.
Boolean value that allows the receiving party that is decoding the token to ignore any expiration time (exp) set in the signature. Card defaults to honoring the expiration field.
Identifies the subject of the JWT. Subjects should be either locally or globally unique. Value is a case-sensitive string containing a string or URI value. Use of subject claim (sub) is optional.
Okta Workflows supports the following types of JWT encryption:
Extensible outputs allow you to manually add a new output field for each key that you expect to be delivered with the payload; these outputs can then be dragged to other inputs in the flow to process the data.