DocumentationWorkfrontAdobe Workfront Fusion

JWT module

Last update: Fri Aug 22 2025 00:00:00 GMT+0000 (Coordinated Universal Time)

The Adobe Workfront Fusion JWT app provides a module that creates JWT tokens based on the provided algorithm.

Access requirements

Expand to view access requirements for the functionality in this article.

You must have the following access to use the functionality in this article:

table 0-row-2 1-row-2 2-row-2 3-row-2 layout-auto html-authored no-header
Adobe Workfront package Any
Adobe Workfront license

New: Standard

Or

Current: Work or higher
Adobe Workfront Fusion license** No Workfront Fusion license requirement
Product

New:

  • Select or Prime Workfront package: Your organization must purchase Adobe Workfront Fusion.
  • Ultimate Workfront package: Workfront Fusion is included.

Or

Current: Your organization must purchase Adobe Workfront Fusion.

For more detail about the information in this table, see Access requirements in documentation.

For information on Adobe Workfront Fusion licenses, see Adobe Workfront Fusion licenses.

JWT API information

The JWT connector uses the following:

API tag
v1.1.5

JWT module and its fields

Generate JWT

This module generates a JWT based on the selected algorithm.

Algorithm

Select algorithm with which you want to generate the JWT.

  • HS256: HMAC using SHA-256 hash algorithm
  • HS384: HMAC using SHA-384 hash algorithm
  • HS512: HMAC using SHA-512 hash algorithm
  • RS256: RSASSA-PKCS1-v1_5 using SHA-256 hash algorithm
  • RS384: RSASSA-PKCS1-v1_5 using SHA-384 hash algorithm
  • RS512: RSASSA-PKCS1-v1_5 using SHA-512 hash algorithm
  • PS256: RSASSA-PSS using SHA-256 hash algorithm (only Node ^6.12.0 OR >=8.0.0)
  • PS384: RSASSA-PSS using SHA-384 hash algorithm (only Node ^6.12.0 OR >=8.0.0)
  • PS512: RSASSA-PSS using SHA-512 hash algorithm (only Node ^6.12.0 OR >=8.0.0)
  • ES256: ECDSA using P-256 curve and SHA-256 hash algorithm
  • ES384: ECDSA using P-384 curve and SHA-384 hash algorithm
  • ES512: ECDSA using P-521 curve and SHA-512 hash algorithm
Payload
For each payload item you want to add, click Add item and enter the item's key and value.
Options

For each option item you want to add, click Add item and enter the item's key and value.

The following keys are available:

  • algorithm: (default: RS256)
  • expiresIn: Expressed in seconds or a string describing a time span (e.g., 2 days, 10h, 7d). A numeric value is interpreted as a seconds count. If you use a string, be sure to provide the time units (days, hours, etc.), otherwise milliseconds unit is used by default (120 is equal to 120ms).
  • notBefore: Expressed in seconds or a string describing a time span (e.g., 2 days, 10h, 7d). A numeric value is interpreted as a seconds count. If you use a string, be sure to provide the time units (days, hours, etc.), otherwise milliseconds unit is used by default (120 is equal to 120ms).
  • audience
  • issuer
  • jwtid
  • subject
  • noTimestamp
  • header
  • keyid
  • mutatePayload: If true, the sign function will modify the payload object directly. This is useful if you need a raw reference to the payload after claims have been applied to it but before it has been encoded into a token.
  • allowInsecureKeySizes: If true, allows private keys with a modulus below 2048 to be used for RSA.
  • allowInvalidAsymmetricKeyTypes: If true, allows asymmetric keys which do not match the specified algorithm. This option is intended only for backward compatibility and should be avoided.
recommendation-more-help
7e1891ad-4d59-4355-88ab-a2e62ed7d1a3