DocumentationWorkfrontAdobe Workfront Fusion

JWT module

Last update: Wed Sep 03 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

The Adobe Workfront Fusion JWT app provides a module that creates JWT tokens based on the provided algorithm.

Access requirements

Expand to view access requirements for the functionality in this article.
table 0-row-2 1-row-2 2-row-2 layout-auto html-authored no-header
Adobe Workfront package

Any Adobe Workfront Workflow package and any Adobe Workfront Automation and Integration package

Workfront Ultimate

Workfront Prime and Select packages, with an additional purchase of Workfront Fusion.
Adobe Workfront licenses

Standard

Work or higher
Product If your organization has a Select or Prime Workfront package that does not include Workfront Automation and Integration, your organization must purchase Adobe Workfront Fusion.

For more detail about the information in this table, see Access requirements in documentation.

JWT API information

The JWT connector uses the following:

API tag
v1.1.5

JWT module and its fields

Generate JWT

This module generates a JWT based on the selected algorithm.

Algorithm

Select algorithm with which you want to generate the JWT.

  • HS256: HMAC using SHA-256 hash algorithm
  • HS384: HMAC using SHA-384 hash algorithm
  • HS512: HMAC using SHA-512 hash algorithm
  • RS256: RSASSA-PKCS1-v1_5 using SHA-256 hash algorithm
  • RS384: RSASSA-PKCS1-v1_5 using SHA-384 hash algorithm
  • RS512: RSASSA-PKCS1-v1_5 using SHA-512 hash algorithm
  • PS256: RSASSA-PSS using SHA-256 hash algorithm (only Node ^6.12.0 OR >=8.0.0)
  • PS384: RSASSA-PSS using SHA-384 hash algorithm (only Node ^6.12.0 OR >=8.0.0)
  • PS512: RSASSA-PSS using SHA-512 hash algorithm (only Node ^6.12.0 OR >=8.0.0)
  • ES256: ECDSA using P-256 curve and SHA-256 hash algorithm
  • ES384: ECDSA using P-384 curve and SHA-384 hash algorithm
  • ES512: ECDSA using P-521 curve and SHA-512 hash algorithm
Payload
For each payload item you want to add, click Add item and enter the item's key and value.
Options

For each option item you want to add, click Add item and enter the item's key and value.

The following keys are available:

  • algorithm: (default: RS256)
  • expiresIn: Expressed in seconds or a string describing a time span (e.g., 2 days, 10h, 7d). A numeric value is interpreted as a seconds count. If you use a string, be sure to provide the time units (days, hours, etc.), otherwise milliseconds unit is used by default (120 is equal to 120ms).
  • notBefore: Expressed in seconds or a string describing a time span (e.g., 2 days, 10h, 7d). A numeric value is interpreted as a seconds count. If you use a string, be sure to provide the time units (days, hours, etc.), otherwise milliseconds unit is used by default (120 is equal to 120ms).
  • audience
  • issuer
  • jwtid
  • subject
  • noTimestamp
  • header
  • keyid
  • mutatePayload: If true, the sign function will modify the payload object directly. This is useful if you need a raw reference to the payload after claims have been applied to it but before it has been encoded into a token.
  • allowInsecureKeySizes: If true, allows private keys with a modulus below 2048 to be used for RSA.
  • allowInvalidAsymmetricKeyTypes: If true, allows asymmetric keys which do not match the specified algorithm. This option is intended only for backward compatibility and should be avoided.
recommendation-more-help
7e1891ad-4d59-4355-88ab-a2e62ed7d1a3