The JWT filter type performs JWT validation on a bearer token present in the HTTP header.
If the bearer token JWT doesn't validate, or has insufficient scope, an RFC 6750-complaint error response with a
header is returned. The list of acceptable signing keys is loaded from a JWK Set that is loaded over HTTP, as specified in
jwksURI. Only RSA and
none algorithms are supported.
See the JWT Filter API reference for an overview of all the supported fields.
scope is a list of OAuth scope values that Edge Stack will require to be listed in the
scope claim. In addition to the normal values of the
scope claim (a JSON string containing a space-separated list of values), the JWT Filter also accepts a JSON array of values.