Authenticating with JSON Web Tokens (JWT)

JSON Web Token (JWT) are self-contained tokens that carry user information and claims.

The tokens are signed using algorithms to ensure data authenticity. Once issued upon user login, a JWT must be included in the Authorization header of each request. For example, Authorization: Bearer <token>.

The Authentication Service API generates, authenticates, and invalidates JWT tokens using SAF JWT Service. Internally, the IMS Transaction Isolation Service API and Debug Profile Service API use the same service to authenticate the JWT Authentication tokens.