Skip to main content

Get Signed JWT

A system task that allows signing a JWT token.


"name": "get_signed_jwt",
"taskReferenceName": "get_signed_jwt_ref",
"inputParameters": {
"subject": "${workflow.input.subject}",
"issuer": "${workflow.input.issuer}",
"privateKey": "${workflow.secrets.jwt-privatekey}",
"privateKeyId": "key-123",
"audience": "${workflow.input.audience}",
"ttlInSecond": 3600,
"scopes": "${workflow.input.scope}",
"algorithm": "RS256"
"type": "GET_SIGNED_JWT"

Input Parameters

subjectThe subject of the JWT. Often represents the entity (e.g., user or service) for which the token is issued.
issuerThe issuer of the JWT, identifying who created and signed the token.
privateKeyThe private key used to sign the JWT.
privateKeyIdAn identifier for the private key used to sign the JWT.
audienceThe intended recipient(s) of the JWT.
ttlInSecondsThe time-to-live (TTL) or expiration time of the JWT, specified in seconds.
scopesThe scopes associated with the JWT. It defines the access permissions for the token grants. It can be string or array.
algorithmThe signing algorithm to use for the JWT. Currently, it's set to RS256, which refers to the RSA signature with the SHA-256 hash algorithm.
cacheConfigEnabling this option allows saving the cache output of the task. On enabling, you can provide the following parameters:
optionalEnabling this option renders the task optional. The workflow continues unaffected by the task's outcome, whether it fails or remains incomplete.


  1. Add task type Get Signed JWT.
  2. Configure the input parameters.

Get Signed JWT task UI method