How To Use JWT - MUIT-iDev/JWT GitHub Wiki

How To Use JWT

Topics

Server REST Detail
- Domain
  - {domain}
- Protocol
  - https
- Port
  - 443
- Exp.
  - https://domain.name

Over all REST Method detail

Category	Method Get	Parameter		Parameter Detail
		Query	Header
Client Authen	/adfs/v1/authen/	-		systemKey
	/v1/access/	package		tokenRefresh.systemKey
System Authen	/v1/regisToken/	-		token
	/v1/access/	-		APIKey
API Verify Signature	/v1/publickey/	package		tokenAccess.systemKey

Category Client Authen
- Client use for generate token key.
- Method Authen
  - /adfs/v1/authen/
    - Authen and get token refresh.
      - Token refresh has expired in 12 hour.
      - Token refresh send to you system, with redirect on method GET.
    - Package
      - systemkey
        
        System Key.
    - Example.
      - Path
        
        server/adfs/v1/authen/{systemkey}
        
        server/adfs/v1/authen/{systemkey}?correlationId={UUID}
        
        server/adfs/v1/authen/{systemkey}?correlationId={UUID}&option={optional}
      - Receive
        
        you can custom path for receive token refresh and or option.
        
        {0} is Token refresh.
        
        {1} is correlationId.
        
        {2} is option (optional: string empty).
        
        http://localhost:8888/etc/#token={0}&correlationId={1}
        
        http://domain.exp/token/{0}/{1}
        
        http://your.domain/?token={0}&correlationId={1}
        
        http://localhost:8888/etc/#token={0}&correlationId={1}&option={2}
        
        http://domain.exp/token/{0}/{1}/{2}
        
        http://your.domain/?token={0}&correlationId={1}&option={2}
  - /v1/regisToken/{apiKey}
    - Get token refresh.
      - Generate token refresh, with custom data.
      - Token refresh has expired in 12 hour.
    - Package
      - package = reverse(base64({data}))
        
        data
        
        Full data package
        
        Min data package (***required)
        
        View data package
    - Example.
      - Path
        
        {domain}/v1/regisToken/{apiKey}?token={package}&correlationId={UUID}
- Method /v1/access/
  - Get token access, with used token refresh from authen. And get token access for access API.
    - Token access has expired in 3 minutes.
    - Recommend to use token access for access API in 1 time, and request new token access for use API in next time.
  - Package
    - Base64 all parameter, with “.” (dot).
    - tokenRefresh
      - Used Data “tokenRefresh” from package authen
    - systemkey
      - System Key.
  - Example
    - Function generate package
      - package = base64({tokenRefresh}.{systemkey})
    - Path
      - {domain}/v1/access (package with header)
      - {domain}/v1/access?correlationId={UUID}
      - {domain}/v1/access?package={package}&correlationId={UUID}
- Flow Authen

Category System Authen
- System use for generate token key.
- Method /v1/access/
  - Get token access, with used API Key. And get token access for access API.
    - Token access has expired in 3 minutes.
    - Recommend to use token access for access API in 1 time, and request new token access for use API in next time.
  - Package
    - No Package.
  - Example
    - Path
      - {domain}/v1/access/{APIKey}
      - {domain}/v1/access/{APIKey}?correlationId={UUID}
- Flow Authen

Category API Verify Signature
- API Service use for verify signature from token access.
- Method /v1/publickey/
- Method /v1/publickeypem/
  - Get public key for verify signature token access.
  - Document & libraries
  - Package
    - Base64 all parameter, with “.” (dot).
    - tokenAccess
      - Used Data “tokenAccess” from package request API Authorization.
    - systemKey
      - System key
  - Example
    - Path
      - {domain}/v1/publickey (package with header)
      - {domain}/v1/publickey?package={package}
      - {domain}/v1/publickey?package={package}&correlationId={UUID}
- Flow Verify Signature

⚠️ GitHub.com Fallback ⚠️