Generate a JSON Web Token (JWT)

Xanadu Platform security

Release

xanadu

ft:locale

en-US

ft:publication_title

Xanadu Platform security

ft:clusterId

psec

bundleId

psec

workflow

Platform

Generate a JSON Web Token (JWT)

Release version: Xanadu

Updated August 1, 2024

1 minute to read

Create a JSON Web Token (JWT) for representing claims securely between two parties on the ServiceNow AI Platform.

The GlideJWT API is a scoped, scriptable API which generates a JWT. There are three arguments necessary before generating the JWT:

Sys_id of JWT Provider
JSON serialized header
JSON serialized payload

There are two JWT API scripts, JWTTokenInternal and JWTTokenRestricted, that you can use when configuring a JWT Provider. The JWTTokenRestricted script enables administrators to configure who can generate a JWT. The JWTTokenInternal script is read-only and enables only logged in users to generate a JWT.

To generate a JWT:

You can use the API to create your token.

You can use standard and custom claims when configuring a JWT provider. You can pass dynamic header and payload claims as part of the generateJWT API signature.

Sample script to test API:

var jwtAPI = new sn_auth.GlideJWTAPI();
var headerJSON = {  "kid": "a1234"  };
var header = JSON.stringify(headerJSON);

var payloadJSON = { "jti": "testjti", "iss": "testiss", "sub": "testsub" };
var payload = JSON.stringify(payloadJSON);

var jwtProviderSysId = "7a40dde2d5303300964fb7c8f3c14ab5";
var jwt = jwtAPI.generateJWT(jwtProviderSysId, header, payload);

gs.info("JWT:" + jwt);