Configure JSON web token API authentication (JWT)

In this topic, you learn how to set up authentication via a JSON web token (JWT) and how to configure it in your Cockpit. You must perform multiple tasks to enable the connection.

Prerequisites

  • You have registered the Neptune DXP - Open Edition in the Azure portal. Find more information about how to register an app in the Microsoft documentation.

  • You know the tenant ID from the Azure portal for your Neptune DXP - Open Edition.

Procedure

  1. In the Cockpit, go to Settings, and click System Settings.

  2. Navigate to the Authentication tab and click Edit.

  3. Click + Add, and select JWT.

    Result: The Authentication window opens.

  4. In JWT authentication, fill in or check the following fields:

  5. Enter a Name for the authentication.

  6. Check Active to activate this authentication method.

  7. Enter a Description.

  8. Enter a Path to retrieve a Neptune DXP - Open Edition session, for example, /user/logon/jwt/(path). You can add any string as a path.

  9. You can add an Issuer validation.

  10. You can add an Audience validation.

  11. In Secret, add a secret key for the validation if no JSON web key set (JWKS) URL is provided.

    Jwks Url

    Add the URL that leads to the JWKS. For example:

    https://login.microsoftonline.com/<tenantid>/discovery/v2.0/keys

  12. In Proxy for jwks url, add a proxy for your JWKS URL. You can add any string.

  13. Set a token header field in Override default Jwt Extraction Method - From Authorization Header as Bearer Token.

  14. In Claims Assignment, click Add to add claims assignments.

  15. In Auto Assignment, assign roles and departments from Microsoft Entra ID/from system?.

  16. Click OK to save your input.

    Result: The Authentication dialog closes.

  17. In System Settings, click Restart to activate JSON web token authentication.

Results

  • You have configured and activated a JWT authentication.
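
The following is an added example, not Neptune DXP code: a generic sketch of the checks that the Secret, Issuer and Audience fields and the Bearer-token extraction in the procedure correspond to, useful for checking which test tokens a given set of values should accept or reject. It covers only the shared-secret (HS256) case, not JWKS; the function names, the `cfg` shape, the mandatory `exp` check and all sample values are assumptions constructed for illustration.

```javascript
// Added illustration: generic HS256 JWT validation, not Neptune DXP source code.
const crypto = require('node:crypto');

const b64url = (value) => Buffer.from(value).toString('base64url');

// Test helper: mint an HS256 token from constructed sample claims.
function signToken(claims, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(claims));
  const sig = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${sig}`;
}

// Extract the token from "Authorization: Bearer <token>"; anything else is rejected.
function extractBearer(headers) {
  const m = /^Bearer ([\w-]+\.[\w-]+\.[\w-]+)$/.exec(headers.authorization || '');
  return m ? m[1] : null;
}

// cfg = { secret, issuer?, audience? } (hypothetical names). Returns { ok, reason?, claims? }.
function validate(headers, cfg, now = Math.floor(Date.now() / 1000)) {
  const token = extractBearer(headers);
  if (!token) return { ok: false, reason: 'no bearer token' };
  const [head, body, sig] = token.split('.');
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(head, 'base64url').toString());
    claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  } catch { return { ok: false, reason: 'malformed' }; }
  // Pin the algorithm on the server side; the token must not choose it.
  if (header.alg !== 'HS256') return { ok: false, reason: 'unexpected alg' };
  const expected = crypto.createHmac('sha256', cfg.secret).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad signature' };
  }
  // Policy choice in this sketch: tokens without a future exp are refused.
  if (typeof claims.exp !== 'number' || claims.exp <= now) return { ok: false, reason: 'expired' };
  // Issuer and audience are only enforced when configured; leaving them
  // empty accepts any correctly signed token regardless of iss/aud.
  if (cfg.issuer && claims.iss !== cfg.issuer) return { ok: false, reason: 'issuer mismatch' };
  const aud = [].concat(claims.aud ?? []);
  if (cfg.audience && !aud.includes(cfg.audience)) return { ok: false, reason: 'audience mismatch' };
  return { ok: true, claims };
}
```

A token signed for a different audience passes `validate` when `cfg.audience` is unset and fails with `audience mismatch` once it is set, which is the practical effect of filling in the optional validation fields.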