Docsright arrowEdge Stackright arrowUsing The JWT Filter

4 min • read

Using The JWT Filter

The JWT filter type performs JWT validation on a bearer token present in the HTTP header. If the bearer token JWT doesn't validate, or has insufficient scope, an RFC 6750-complaint error response with a WWW-Authenticate header is returned. The list of acceptable signing keys is loaded from a JWK Set that is loaded over HTTP, as specified in jwksURI. Only RSA and none algorithms are supported.

See the JWT Filter API reference for an overview of all the supported fields.

JWT path-specific arguments

scope is a list of OAuth scope values that Edge Stack will require to be listed in the scope claim. In addition to the normal values of the scope claim (a JSON string containing a space-separated list of values), the JWT Filter also accepts a JSON array of values.

Example configuration