JWT Validator commands
JWT Validator mode provides commands to create or modify a JWT Validator.
To enter the JWT Validator mode, use the crypto jwt-validator command. To delete a JWT Validator, use the no jwt-validator command.
While in this mode, use the commands in the following table to define the configuration of a JWT Validator.
- To view the current configuration, use the show command.
- To restore default values, use the reset command.
- To exit this configuration mode without saving changes to the running configuration, use the cancel command.
- To exit this configuration mode and save changes to the running configuration, use the exit command.
| Command | Purpose |
|---|---|
| admin-state | This command sets the administrative state for the configuration. |
| aud | This command specifies the value that the JWT Validator uses to
validate the JWT audience (aud) claim. |
| claims | This command specifies the JWT claims that the JWT Validator validates. |
| customized-script | This command specifies the custom processing file that the JWT Validator uses to validate the JWT. |
| decrypt-fetch-cred-url | This command specifies the remote location to retrieve the credentials to decrypt the JWT. |
| decrypt-fetch-cred-sslprofile | This command specifies the TLS client profile that contains the credentials to decrypt a JWT. |
| decrypt-jwks | This command specifies the JWK Set that contains the JWK that the JWT Validator uses to decrypt the JWT. |
| decrypt-key | This command specifies the key that the JWT Validator uses to decrypt the JWT. |
| decrypt-kid | This command specifies the key ID to find the JWK in the JWK Set that the JWT Validator uses to decrypt the JWT. |
| decrypt-ssecret | This command specifies the shared secret key that the JWT Validator uses to decrypt the JWT. |
| decrypt-type | This command specifies the key material that the JWT Validator uses to decrypt a JWT. |
| iss | This command specifies the value that the JWT Validator uses to
validate the JWT issuer (iss) claim. |
| summary | This command specifies the brief, descriptive summary for the object instance. |
| username-claim | This command specifies the JWT claim to treat as the
username element from identity extraction. |
| valcred | This command specifies the truststore that the JWT Validator uses to verify the signer certificate. |
| validate-custom | This command specifies the custom processing file that the JWT Validator uses to validate the JWT. |
| validate-method | This command specifies the crypto processing for the JWT Validator. |
| verify-certificate | This command specifies the certificate that the JWT Validator uses to verify the JWT signature. |
| verify-certificate-against-valcred | This command specifies whether to validate the certificate against truststore. |
| verify-fetch-cred-url | This command specifies the remote location to retrieve the credentials to verify the JWT signature. |
| verify-fetch-cred-sslprofile | This command specifies the TLS client profile that contains the credentials to verify the JWT signature. |
| verify-jwks | This command specifies the JWK Set that contains the JWK that the JWT Validator uses to verify the JWT signature. |
| verify-kid | This command specifies the key ID to find the JWK in the JWK Set that the JWT Validator uses to verify the JWT signature. |
| verify-ssecret | This command specifies the shared secret key that the JWT Validator uses to verify the JWT signature. |
| verify-type | This command specifies the key material that the JWT Validator uses to verify the JWT signature. |