JSON Web Token

This feature allows the runtime to create JSON Web Tokens(JWT).

Enabling this feature

To enable the JSON Web Token 1.0 feature, add the following element declaration into your server.xml file, inside the featureManager element:



The following example shows how to configure the server to construct a JSON Web Token (JWT) for an application:

<keyStore id="defaultKeyStore" password="keyspass"/>

<jwtBuilder expiresInSeconds="600" id="myBuilder" issuer="https://example.com" keyAlias="default"/>

The ID attribute for the jwtBuilder element named myBuilder identifies the JWT builder, and uses the default keyAlias attribute to locate the private key. The issuer attribute in the example is the URL http://example.com that identifies who issued the JSON Web Token. The expiry attribute indicates the token expiration time, which is 600 seconds.

Liberty API packages provided by this feature

  • com.ibm.websphere.security.jwt

Features that this feature enables

Supported Java versions

  • JavaSE-1.7

  • JavaSE-1.8

  • JavaSE-11.0

  • JavaSE-17.0

  • JavaSE-18.0

Developing a feature that depends on this feature

If you are developing a feature that depends on this feature, include the following item in the Subsystem-Content header in your feature manifest file.

com.ibm.websphere.appserver.jwt-1.0; type="osgi.subsystem.feature"